Forum Discussion
Rosario
Nimbostratus
NimbostratusAvoid Copy/Paste cookies for login
We have a DNN implementation and we have discovered that we can copy the authentication cookies and paste them in another computer to allow the user get in, I am looking if there is a way to validate cookies on this scenario
Nicholas_P__308Cirrus
There is an HMAC irule. Please see the following.
https://devcentral.f5.com/codeshare/high-performance-hmac-cookie-signing
Basically, it generates a random string for each new session paired with the authentication cookie and validates each user with minimum performance impact.