000020529 - Understanding the format of RSA cookies

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 22, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000020529
Applies ToRSA ACE/Agent 5.2 for Web
RSA Authentication Agent 5.3 for Web
RSA Cookie
Cookie Format
IssueUnderstanding the format of RSA cookies
CauseTo best understand the format of the RSA cookie, refer the example scripts in the directory samples\web\asp; this example code shows examples of how to parse the cookie data
ResolutionThe sample code also lists what the RSA cookie names are, including the domain cookie.

NOTE: Since the release of RSA ACE/Agent 4.4, the documented structure and naming of the cookies has changed

For version 4.3 and earlier, cookie names are as follows:

        local = webid2
        domain = webid2_dom

For RSA ACE/Agent 4.4 and later, the cookie has variable length fields; therefore, the different fields are delimited, with the names as follows.

        local = rsa-local
        domain = webid2_dom

Additionally, the data in the cookie is URL encoded and are designed to conform to RFC 2965.

The cookie is made of a number of fields, where the variable length fields are delimited (with a Z00' sequence) and the order of the fields is as follows:

        auth type
        create time
        sd time
        3rd party data
        RSA Reserved Data

so, given the following cookie:


The data is broken down into the following items:

delimiter =                         Z00
username =                         TestTech
shell =                                 <blank>
auth type =                         2
create time =                         3D8749DA
sd time (same as create) =         3D8749DA
3rd party data =                        <blank>   
Use double null to delimit reserved data
RSA Reserved Data =

The current version of web agent is RSA ACE/Agent 5.2 for Web and support for versions 4.4 and earlier has now ceased.
Legacy Article IDa17316