Skip to main content

This content is closed to future replies and is no longer being maintained or updated.
Links may no longer function. If you have a similar request, please write a new post.

Question

 Venkatesh Kota (VenkateshK1358)
Cognizant

Cognizant
IN
VenkateshK1358 Member since 2014 3 posts
Cognizant
Posted: Aug 3, 2021
Last activity: Aug 3, 2021
Posted: 3 Aug 2021 7:50 EDT
Last activity: 3 Aug 2021 7:54 EDT
Closed

Can we UsePreauthenticationCookie to resolve Session Fixation issue with Pega-RULES cookie?

We have a Session Fixation vulnerability for Pega-Rules cookie in our application Where the value of the cookie is not getting updated before log in, after login and log off in Pega v5.5 application. Can we set the UsePreauthenticationCookie setting to resolve this issue.

Refer: https://community.pega.com/support/support-articles/unable-log-second-time-without-clearing-cache

To see attachments, please log in.
Pega Platform 5.5
Security
Insurance
System Architect

We'd prefer it if you saw us at our best.

Pega Collaboration Center has detected you are using a browser which may prevent you from experiencing the site as intended. To improve your experience, please update your browser.

Close Deprecation Notice