Relationship between Cookie and Requestor ID
Hi,
I am trying to understand mechanism around Cookie and Requestor. In my understanding, JSESSIONID cookie is given by app server and used for session affinity, while Pega-RULES cookie is given by Pega Platform and used for identifying Requestor ID. Below is the screenshot of both Cookie and Requestor ID but I don't see the relationship. How are they related?
<Pega-RULES Cookie>
<Requestor ID>
Another question is, is hash looking string in URL field in browser somehow related to either of these (Requestor ID or Cookie)? It looks different from any of these but how is this string constructed?
Thanks,
***Edited by Moderator: Lochan to update platform capability tags***
In newer versions of Pega, PegaRULES cookie is always encrypted and hence cannot be used to identify Requestor ID. The hash in the URL is completely unrelated to Requestor ID or PegaRULES cookie.
Hi,
Please find below some good explanation:
https://community.pega.com/knowledgebase/articles/how-process-commander-uses-http-cookies
https://community1.pega.com/community/product-support/question/how-set-cookies-how-does-prpc-handle-cookies
To recap JSESSIONID cookie is set by the Servlet Container and is is used for HTTP Session tracking and, in load balancing, for session affinity.
On the other end Pega-RULES cookie is associated with the (authenticated or not) Browser Requestor and its value is the RequestorID
As in Pega each user session is identified uniquely by the RequestorID the Pega-RULES cookie is a a mean to identify a specific user session.