iTP Secure WebServer System Administrators Guide (Version 7.5+)
The CookiePersistence attribute specifies the number of seconds that a cookie remains valid,
from the time that the cookie is issued. (The time period is called the persistence of the cookie.)
Cookies that have a persistence greater than 0 can be stored in the Web client, across browser
sessions so that sessions can continue across browser restarts, whether or not the session is
anonymous.
This attribute is effective only for anonymous ticketing (See “Anonymous Ticketing” (page 170)) For
non-anonymous tickets, the ticketing agent controls how long the ticket is valid.
This default applies:
-CookiePersistence 0
To use -CookiePersistence in an SI_DefaultRegion command:
SI_Default -CookiePersistence 1800
-EnableAnonymousTicketing {GroupID GroupID ...}
The EnableAnonymousTicketing attribute turns on anonymous ticketing for regions accessible
to the specified groups. Anonymous ticketing enables you to track requests without performing
authentication or authorization. For more information about anonymous ticketing, See “Anonymous
Ticketing” (page 170)x.
The department ID in a directive or command that enables anonymous ticketing can be any string,
as long as it does not include spaces.
If you include only one group, you can omit the braces.
Omitting the group IDs turns off anonymous ticketing for all regions in the specified department.
The default is no anonymous ticketing.
To use -EnableAnonymousTicketing in an SI_DepartmentRegion command, enter the
following:
SI_Department Mydepartment -EnableAnonymousTicketing { 10 20 30 }
-PostExpirationExtension add-seconds
For requests using a POST method, the PostExpirationExtension attribute adds a specified
number of seconds (add-seconds) to the normal lifespan of the Session Identifier.
The PostExpirationExtension directive allows clients sufficient time to GET a form, fill it out,
and POST it back to the iTP Secure WebServer. Without the additional time specified by the
PostExpirationExtension directive, the session identifier might expire before the Web client
POSTs the form and cause the content server to redirect the POST message to the ticketing agent
for reauthentication; as a result, the data from the POST message would be lost.
Setting PostExpirationExtension to a reasonable number of additional seconds allows
POSTs to work reliably. The default is 3 hours.
This default applies:
SI_Default -PostExpirationExtension 10800
To use -PostExpirationExtension in an SI_DefaultRegion command:
SI_Default -PostExpirationExtension 3600
-RequireIP
The RequireIP attribute enables the iTP Secure WebServer to omit the Web client IP address in
the MAC for the Session Identifier, which is useful in the case where a Web client's IP address
changes from request to request. Omitting the IP address in the Session Identifier or Digital Receipt
stops those clients from being reticketed with a new anonymous user ID for each request.
If no -RequireIP attribute value is provided, the default is the value set by the server.
To use -RequireIP in an SI_DepartmentRegion command:
SI_Department 4567 -RequireIP
-RewriteHostAlias "alias-name alias-name ..."
The RewriteHostAlias attribute enables you to specify alias names for the iTP Secure
WebServer. Aliases are useful for some organizations where the Domain Name Server (DNS)
permits abbreviations of the host name.
Region 243