Absent Member.. Absent Member..
Absent Member..

Support tip: Web Client session id changes after successful login


This may be useful for any of your customers that ask about some security aspects of the Service Manager web client.

The current SM Webtiers(version 7 and above) have the ability to change the session id after login.  You can trace this using a browser add-on like HTTPHeaders or httpWatch (if you have the full-paid version). Look for the JSESSIONID cookies that get created during the login process. You will see that the app server where SM webtier is running provides a unique JSESSIONID when they hit the index.do/ess.do login page. Then the JSESSIONID is changed after the user hits the “Log in” button.



“HP Support
If you find that this or any post resolves your issue, please be sure to mark it as an accepted solution.”
Labels (1)
0 Replies
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.