|
IRISLIB database
|
|
|
IRISLIB database
|
|
The <CLASS>CSP.Session</CLASS> class represents a session within a CSP application. More...
Public Member Functions | |
| _.Library.String | BrowserNameGet () |
| The <CLASS>CSP.Session</CLASS> class represents a session within a CSP application. | |
| _.Library.Status | CompleteTwoFactorLogin (_.Library.String EnteredToken, _.Library.Status apperr) |
| If this application has a Two-Factor-Authentication enabled, when this method allows you to finish the second part of the authentication. More... | |
| DeletePersistentHeader (_.Library.String name) | |
| Remove a persistent header from the session Note that name is not case sensitive. | |
| _.Library.Status | EventClassAdd (_.Library.String class, _.Library.String namespace) |
| Add an event class to the list of classes we will callback. More... | |
| _.Library.Status | EventClassClear () |
| Remove all event classes from the event class list. | |
| _.Library.Boolean | EventClassExists (_.Library.String class, _.Library.String namespace) |
| Return true if this event class is present in the current session event list or false otherwise. More... | |
| _.Library.Status | EventClassList (_.Library.String Array) |
| Return an array of Array(namespace,classname)="" of the currently defined event classes. | |
| _.Library.Boolean | EventClassRemove (_.Library.String class, _.Library.String namespace) |
| Remove an event class from the set of event classes we will run on session events. More... | |
| _.Library.String | Get (_.Library.String index, _.Library.String default) |
| Get the value of the user data at index. More... | |
| _.Library.Integer | GetLinkTargets (_.Library.String link, _.Library.String targetUsername, _.Library.String targetAppName, _.Library.String targetNamespace) |
| CheckLinkAccess determines whether the target user is permitted. More... | |
| _.Library.String | GetPersistentHeader (_.Library.String name) |
| Return the value of the persistent session name header. More... | |
| _.Library.Boolean | IsDefined (_.Library.String index) |
| Tests if a name-value pair name is defined in the user data. More... | |
| Kill (_.Library.String index) | |
| Remove the index from the user data <property>Data</property>. More... | |
| _.Library.Status | Lock (_.Library.Integer timeout) |
| Lock the ^cspSession global to prevent other InterSystems IRIS processes accessing this objects. More... | |
| _.Library.Status | Login (_.Library.String username, _.Library.String password, _.Library.Integer type, _.Library.String oldpassword, _.Library.Status apperr) |
| Login with this username and password, returns a status code to show. More... | |
| Logout (_.Library.Integer force) | |
| This call logs out the current session. More... | |
| LogoutAll (_.Library.String username) | |
| Logout all CSP sessions for the indicated user. More... | |
| _.Library.String | Next (_.Library.String index) |
| Return the next index in the user data <property>Data</property>. More... | |
| Set (_.Library.String index, _.Library.String value) | |
| Set the value of the user data at index to value. More... | |
| SetPersistentHeader (_.Library.String name, _.Library.String value) | |
| Set a persistent HTTP header values in the session object so it will be output for every response from this session. More... | |
| _.Library.Status | Unlock (_.Library.Boolean save) |
| Unlock the ^cspSession global so that another process can access this objects storage. More... | |
| _.Library.String | UsernameGet () |
| Get method for Username property. | |
 Public Member Functions inherited from Persistent | |
| _.Library.Status | AcquireLock (_.Library.String locktype) |
| Acquires a lock for the current instance. More... | |
| _.Library.Status | LoadData (_.Library.String id) |
| LoadData() - loads an object from storage. More... | |
| _.Library.Status | OnAfterSave (_.Library.Boolean insert) |
| This callback method is invoked by the <METHOD>Save</METHOD> method to. More... | |
| _.Library.Status | OnBeforeSave (_.Library.Boolean insert) |
| This callback method is invoked by the <METHOD>Save</METHOD> method to. More... | |
| _.Library.Status | OnOpen () |
| This callback method is invoked by the <METHOD>Open</METHOD> method to. More... | |
| _.Library.Status | OnReload () |
| This callback method is invoked by the <METHOD>Reload</METHOD> method to. More... | |
| _.Library.Status | OnRollBack () |
| This callback method is invoked by the <METHOD>Save</METHOD> method to. More... | |
| _.Library.Status | ReleaseLock (_.Library.String locktype) |
| Releases a lock for the current instance. More... | |
| _.Library.Status | SaveData (_.Library.String id) |
| SaveData() - saves an object to disk, checks uniqueness and referential More... | |
| Public Member Functions inherited from SwizzleObject | |
| _.Library.Status | OnJournalObject (_.Library.Integer tranid, _.Library.Integer jrnid, _.Library.String filter) |
| This callback method is invoked by the <METHOD>JournalObject</METHOD> method to. More... | |
| Public Member Functions inherited from RegisteredObject | |
| _.Library.Status | OnAddToSaveSet (_.Library.Integer depth, _.Library.Integer insert, _.Library.Integer callcount) |
| This callback method is invoked when the current object is added to the SaveSet,. More... | |
| _.Library.Status | OnClose () |
| This callback method is invoked by the <METHOD>Close</METHOD> method to. More... | |
| _.Library.Status | OnConstructClone (_.Library.RegisteredObject object, _.Library.Boolean deep, _.Library.String cloned) |
| This callback method is invoked by the <METHOD>ConstructClone</METHOD> method to. More... | |
| _.Library.Status | OnNew () |
| This callback method is invoked by the <METHOD>New</METHOD> method to. More... | |
| _.Library.Status | OnValidateObject () |
| This callback method is invoked by the <METHOD>ValidateObject</METHOD> method to. More... | |
Public Attributes | |
| AppTimeout | |
| Specifies the timeout value for the session in seconds. More... | |
| Application | |
| Stored the CSP application name so we can detect when the CSP application has changed. More... | |
| BrowserName | |
| This property contains the browser name based on parsing the HTTP_USER_AGENT CGI variable. More... | |
| BrowserPlatform | |
| This property contains the browser operating system based on parsing the HTTP_USER_AGENT CGI variable. More... | |
| BrowserVersion | |
| This property contains the browser version based on parsing the HTTP_USER_AGENT CGI variable. More... | |
| CSPSessionCookie | |
| Used by the CSP Gateway to store the session Id on the browser. More... | |
| CreateTime | |
| The data/time the session was created in UTC. More... | |
| Data | |
| The place users can preserve any data within a session. More... | |
| Debug | |
| This is true when this CSP session is being debugged, and false otherwise. More... | |
| EndSession | |
| A flag that you set to '1' to terminate this session upon completion. More... | |
| ErrorPage | |
| If set then use this page as the error page rather than the one obtained from the. More... | |
| EventClass | |
| The name of the application event class to be called in response to certain CSP events. More... | |
| HttpAuthorization | |
| If we are passed an 'Authorization' HTTP header the value is stored here to avoid. More... | |
| KeepAlive | |
| If true and the CSP gateway supports this then use the HTTP keep alive support to reuse the. More... | |
| Key | |
| Stores the encryption key used to validate and secure the communication with the browser. More... | |
| Language | |
| The language (RFC 1766 format) in which pages in this CSP session are to be displayed. More... | |
| LastModified | |
| The date/time when this session was last modified in UTC. More... | |
| LicenseId | |
| Internal property that hold the name of the license that this session is associated with. More... | |
| Namespace | |
| The namespace this session was created from. More... | |
| NewSession | |
| Indicates whether this is the first request of the. More... | |
| Preserve | |
| A flag specifying the level of state preservation required by. More... | |
| ProcessId | |
| Process Id. More... | |
| Referrer | |
| Original referrer when session was created, copied from the HTTP_REFERER request value. More... | |
| RunNamespace | |
| If set then run this session in the namespace given rather than the one determined. More... | |
| SecureSessionCookie | |
| Internal property to determine if we should send the 'secure' flag with the sessionId cookie. More... | |
| SessionId | |
| The session id value for this session. More... | |
| SessionScope | |
| Property to determine how strictly to restrict the domain of the sessionId cookie. More... | |
| UseSessionCookie | |
| Indicates whether sessions should be maintained using cookies or not. More... | |
| UserAgent | |
| Contains the HTTP_USER_AGENT CGI variable passed in the initial session request. More... | |
| UserCookieScope | |
| Property to determine which SameSite attribute to send with user-created cookies. More... | |
| Username | |
| The username this CSP session is logged in as. More... | |
Private Member Functions | |
| __Reset () | |
| Resets this CSP.Session object to its initial state. | |
Additional Inherited Members | |
| Static Public Member Functions inherited from Persistent | |
| _.Library.Status | DeleteData (_.Library.String id, _.Library.Integer concurrency) |
| This method is normally generated by the storage class for persistent classes using. More... | |
| _.Library.Status | KillExtentData (_.Library.Boolean killstreams) |
| KillExtentData() - kills extent data in storage. More... | |
| _.Library.Status | OnAfterBuildIndices (_.Library.String indexlist) |
| This callback method is invoked by the <METHOD>BuildIndices</METHOD> method after all work is completed. More... | |
| _.Library.Status | OnAfterDelete (_.Library.ObjectIdentity oid) |
| This callback method is invoked by the <METHOD>Delete</METHOD> method to. More... | |
| _.Library.Status | OnAfterPurgeIndices (_.Library.String indexlist) |
| This callback method is invoked by the <METHOD>PurgeIndices</METHOD> method after all work is completed. More... | |
| _.Library.Status | OnBeforeBuildIndices (_.Library.String indexlist) |
| _.Library.Status | OnBeforePurgeIndices (_.Library.String indexlist) |
| _.Library.Status | OnDelete (_.Library.ObjectIdentity oid) |
| This callback method is invoked by the <METHOD>Delete</METHOD> method to. More... | |
| Static Public Attributes inherited from Persistent | |
| XCOMPACTANCESTRY | |
| XCOMPACTANCESTRY can be set to a string to replace the value of the %CLASSNAME property (x__classname field) More... | |
| DATALOCATIONGLOBAL = None | |
| Global name containing master map data for this class. More... | |
| DEFAULTGLOBAL = None | |
| DSCONDITION = None | |
| DSCONDITION is the expression that will be evaluated before deciding whether certain actions must be taken. More... | |
| DSINTERVAL = None | |
| DSINTERVAL is the number of seconds between one DSTIME value and the next. More... | |
| DSTIME = None | |
| If the DSTIME parameter is set to AUTO then the most recent filing operation in the current DSTIME value. More... | |
| EXTENTQUERYSPEC = None | |
| The EXTENTQUERYSPEC parameter defines the properties to be retrieved in. More... | |
| EXTENTSIZE = None | |
| The EXTENTSIZE parameter is used to inform the SQL Query Optimizer More... | |
| GUIDENABLED = None | |
| If this parameter is set to 1 then a GUID will be assigned (to the GUID property) to each new object. More... | |
| IDENTIFIEDBY = None | |
| The IDENTIFIEDBY parameter can optionally be set to the name. More... | |
| MANAGEDEXTENT = None | |
| The MANAGEDEXTENT parameter can be set to 0 (zero) to cause the Extent Manager. More... | |
| READONLY = None | |
| READONLY = 1 means that objects can be created, opened but not saved or deleted. More... | |
| ROWLEVELSECURITY = None | |
| ROWLEVELSECURITY = 1 | <property> means that row level security is active and the list More... | |
| SQLPREVENTFULLSCAN = None | |
| SQLPREVENTFULLSCAN = 1 means an attempt to prepare a query that will result in a full scan More... | |
| STORAGEDEFAULT = None | |
| STORAGEDEFAULT defines the default storage allocation to use for properties in this class. More... | |
| USEEXTENTSET = None | |
| VERSIONCLIENTNAME = None | |
| VERSIONCLIENTNAME can be set to a valid CLIENTNAME (see property CLIENTNAME) value. More... | |
| VERSIONPROPERTY = None | |
| VERSIONPROPERTY = <property> means that the <property> in memory will be compared to. More... | |
| Static Public Attributes inherited from SwizzleObject | |
| DEFAULTCONCURRENCY = None | |
| DEFAULTCONCURRENCY is the default value for the concurrency formal argument. More... | |
| JOURNALSTREAM = None | |
| If OBJJOURNAL is true then the value of the JOURNALSTREAM parameter defines whether or not. More... | |
| OBJJOURNAL = None | |
| if OBJJOURNAL is TRUE then inserts, updates and deletes will be logged in ^OBJ.JournalT More... | |
| Static Public Attributes inherited from RegisteredObject | |
| CAPTION = None | |
| Optional name used by the Form Wizard for a class when generating forms. More... | |
| JAVATYPE = None | |
| The Java type to be used when exported. | |
| PROPERTYVALIDATION = None | |
| This parameter controls the default validation behavior for the object. More... | |
The <CLASS>CSP.Session</CLASS> class represents a session within a CSP application.
| _.Library.Status CompleteTwoFactorLogin | ( | _.Library.String | EnteredToken, |
| _.Library.Status | apperr | ||
| ) |
If this application has a Two-Factor-Authentication enabled, when this method allows you to finish the second part of the authentication.
For example,
a security token was sent during the initial login attempt, Login^CSP.Session(). You must obtain this security code (an 8-character numeric string) and call CompleteToFactorLogin() to complete authencation for this user. Note: This should only be called if Login^CSP.Session() returns a status of $$$CSPPendingTwoFactorAuthentication Returns: $$$CSPSecondFactorLoginFailed if request's application was not Two-Factor-Authentication enabled Returns: $$$OK if login was completed Returns: $$$CSPSecurityTokenMismatch is a token was found, but did not match the entered token, else returns the error code which cause the completion to fail
| _.Library.Status EventClassAdd | ( | _.Library.String | class, |
| _.Library.String | namespace | ||
| ) |
Add an event class to the list of classes we will callback.
If the class is already present we will
remove it and add this at the front of the list. The namespace is optional and will default to the current namespace.
| _.Library.Boolean EventClassExists | ( | _.Library.String | class, |
| _.Library.String | namespace | ||
| ) |
Return true if this event class is present in the current session event list or false otherwise.
The namespace is optional and will default to the current namespace.
| _.Library.Boolean EventClassRemove | ( | _.Library.String | class, |
| _.Library.String | namespace | ||
| ) |
Remove an event class from the set of event classes we will run on session events.
The namespace is optional and will default to the current namespace. Returns true if it removed the class and false if it did not. If class is null then it will remove all event classes defined in this namespace.
| _.Library.String Get | ( | _.Library.String | index, |
| _.Library.String | default | ||
| ) |
Get the value of the user data at index.
This is equivalent to:
Write $Get(session.Data(index),default)
It is faster to access the property directly rather than use the <method>Get</method> and <method>Set</method> methods. These are kept for backward compatibility.
| _.Library.Integer GetLinkTargets | ( | _.Library.String | link, |
| _.Library.String | targetUsername, | ||
| _.Library.String | targetAppName, | ||
| _.Library.String | targetNamespace | ||
| ) |
CheckLinkAccess determines whether the target user is permitted.
to view a given CSP or Zen page based on the security requirements for the relevant target Web application, the underlying page class, and any custom resources applied to the link.
Positive return values indicate that there is already enough information to determin if the link should be enabled (Target variables may be undefined.). Negative values indicate that further processing needs to be done. Checking that the Target User can be logged into the Target Application and/or checking if the link's page has target resources which the Target User must have privileges to.
Returns 0 if the link is not to a csp application. (enable)
Returns 1 if the user is permitted access to the page. (enable)
Returns 2 if could not determine Target User. Clicking on link will bring up login page. (choice: enable or disable)
Returns 3 if the user doesn't have access to the CSP application.(disable)
Returns 4 if the user doesn't have resources specific to the page.(disable)
Returns -1 if check both if the Target User can log into the Target Application and check the Page's resources if any.
Returns -2 just check for access to the link's Page's resources, if any.
This method is meant to be called from the link's containing page within the context of the CSP server. The containing page is part of a session's current application.
We must be able to detemine which target user will be used to check privileges. The target user cannot be determined if the source and target applications are different and the target is neither part of an active by-id group nor sharing-sessions with the source application.
Applications share sessions when:
Since this is called from with a CSP session, there are the following situations:
| _.Library.String GetPersistentHeader | ( | _.Library.String | name | ) |
Return the value of the persistent session name header.
Note that name is not case sensitive
| _.Library.Boolean IsDefined | ( | _.Library.String | index | ) |
Tests if a name-value pair name is defined in the user data.
This has been deprecated in favour of the faster syntax:
Write $Data(session.Data(index))
| Kill | ( | _.Library.String | index | ) |
Remove the index from the user data <property>Data</property>.
This
has been deprecated in favour of the faster syntax:
Kill session.Data(index) ; Or if index="" Kill session.Data
| _.Library.Status Lock | ( | _.Library.Integer | timeout | ) |
Lock the ^cspSession global to prevent other InterSystems IRIS processes accessing this objects.
storage. By default the ^cspSession global is locked so you only need to call this in rare cases where you use the <method>Unlock</method> and you wish to reaquire the lock afterwards.
| _.Library.Status Login | ( | _.Library.String | username, |
| _.Library.String | password, | ||
| _.Library.Integer | type, | ||
| _.Library.String | oldpassword, | ||
| _.Library.Status | apperr | ||
| ) |
Login with this username and password, returns a status code to show.
if it worked or not. This method also trades license units at the same time so this CSP session will be logged in as a named user. If you pass type=1 then this will trade licenses only and not login as this user. After the login completes it also updates the property <property>Username</property> to match the $username value this session is logged in as. The property <property>LicenseId</property> is also updated to be the license identifier that this session is logged in with.
If a login fails then the property <property>Username</property> and property <property>LicenseId</property> will remain at their previous values. If you pass oldpassword then this will attempt to change the password of username from oldpassword to password and login as this user. Note new status return values: CSP applications can be two-factor-enabled. If the current application is one such, then if Login() successfully authenticates the username/password, it does not return $$$OK, but rather $$$CSPPendingTwoFactorAuthentication. During Two-Factor Authentication, an 8-character numeric security string will be sent to the user's cellphone. You must obtain this string from the user and call CompleteTwoFactorLogin^CSP.Session() to complete authentication of this user. Also note that if the login SUCCEEDS (status returned will be $$$OK), but you were unable to secure a license, the new apperr parameter will have the value of $$$CSPErrorTradeLicense. In such a case, you may have to call the Login function again to trade a license. If you are calling merely to trade a license (type=1), then if the license trade fails, Login will return a status of $$$CSPErrorTradeLicense.
| Logout | ( | _.Library.Integer | force | ) |
This call logs out the current session.
The EndSession is not set to 1.
This call uses the stored security context from the Event Class Context to call "OnLogout" Event Class callbacks, so the caller of Logout() must have sufficient privileges to call $System.Security.Users.ImportSecurityContext() if callbacks exist. The OnLogout callback may set EndSession to 1, if desired. The Session is logged out only if there are no callbacks, the "OnLogout" callbacks return $$$OK, or 'force' is true. If the caller has the All role, the login cookie will also be destroyed and any pending second factor tokens for this session will be deleted. Note: Caller must do a SaveData() on the session instance
| LogoutAll | ( | _.Library.String | username | ) |
Logout all CSP sessions for the indicated user.
Callbacks can't stop logout The login cookie and any pending-second-factor logins are cancelled. Note: username="" implies username=$username. Note: $Roles must have "%All" to call this Note: LogoutAll calls SaveData on the changed sessions.
| _.Library.String Next | ( | _.Library.String | index | ) |
Return the next index in the user data <property>Data</property>.
This
has been deprecated in favour of the faster syntax:
Write $Order(session.Data(index))
| Set | ( | _.Library.String | index, |
| _.Library.String | value | ||
| ) |
Set the value of the user data at index to value.
This is
equivalent to:
Set session.Data(index)=value
It is faster to access the property directly rather than use the <method>Get</method> and <method>Set</method> methods. These are kept for backward compatibility.
| SetPersistentHeader | ( | _.Library.String | name, |
| _.Library.String | value | ||
| ) |
Set a persistent HTTP header values in the session object so it will be output for every response from this session.
If there is already a header with this name then this will overwrite this prioir header.
| _.Library.Status Unlock | ( | _.Library.Boolean | save | ) |
Unlock the ^cspSession global so that another process can access this objects storage.
at the same time. Normally all accesss to the session object is serialised so that only one process can modify the session object at any time. So if you are using frames for example the same CSP user will make requests to get all frames at once, but these will be serialised on the application server side. If you know that a frame will take a while to generate but you do not wish this to hold up the generation of the other frames and you do not need to modify the session object you can call Unlock to unlock this session object so other processors can access it. This should be used with care. The save is for internal use only, by default when you call Unlock if the session is modified we will save the changes before unlocking the session.
| AppTimeout |
Specifies the timeout value for the session in seconds.
If no user requests are received within the specified time period, then the session will end. The default value comes from the CSP application setting for the application that the session starts in which is set in the configuration manager, this is often 900 seconds or 15 minutes. Note that if you start a session in one applicaiton and move to another application the AppTimeout will not be changed to the new applications timeout value, if you wish to modify this when the application changes you can use the session events 'OnApplicationChange' method.
For no timeout, set this property to 0.
| Application |
Stored the CSP application name so we can detect when the CSP application has changed.
This is required so we can revalidate the user against any security permissions the other application requires that the first application does not. This is not set until the security context for this application is validated.
| BrowserName |
This property contains the browser name based on parsing the HTTP_USER_AGENT CGI variable.
This property is set once when the session is created. Possible values are "IE", "Mozilla", "Netscape", "Safari" and "". Not all possible browsers are suppported and the value "" is used for unknown browsers. "Mozilla" is used for all Mozilla based browsers such as Mozilla and Firefox.
| BrowserPlatform |
This property contains the browser operating system based on parsing the HTTP_USER_AGENT CGI variable.
This property is set once when the session is created. Possible values are "Windows", "Macintosh", "X11" and "". Not all possible browsers are supported and the value "" is used for unknown browsers.
| BrowserVersion |
This property contains the browser version based on parsing the HTTP_USER_AGENT CGI variable.
This property is set once when the session is created. The version is "" or in the format "major.minor". Not all possible browsers are supported and the value "" is used for unknown browsers.
| CSPSessionCookie |
| CreateTime |
The data/time the session was created in UTC.
| Data |
The place users can preserve any data within a session.
You can set values into this
multidimensional property using:
Set session.Data(1,2,"string")="value" Write session.Data("Key1","Key2"),! Merge session.Data(5)=array
This is faster than using the <method>Get</method> and <method>Set</method>
| Debug |
| EndSession |
A flag that you set to '1' to terminate this session upon completion.
of this request.
| ErrorPage |
If set then use this page as the error page rather than the one obtained from the.
CSP application settings.
| EventClass |
The name of the application event class to be called in response to certain CSP events.
This should be a class derived from <class>CSP.SessionEvents</class>. At present the events that are fired are for creation of a new session (OnStartSession), deletion of a session (OnEndSession) and the timeout of an existing session by the CSP daemon (OnTimeout). You can set the event class for a CSP application in the CSP options of the configuration manager. Note that if you set the EventClass inside a CSP page then as the session has already been created at this point it will not fire the OnStartSession event, if the EventClass is set in the CSP application settings then it will fire the start session event as it knows which event class to call before it creates the session.
Note that this adds this event class to the list unless it is already present and will not replace any existing event class. Setting this to "" will not have any effect, if you wish to remove an EventClass then call <method>EventClassRemove</method>
| HttpAuthorization |
If we are passed an 'Authorization' HTTP header the value is stored here to avoid.
attempting to login with this multiple times, for internal use only.
| KeepAlive |
If true and the CSP gateway supports this then use the HTTP keep alive support to reuse the.
TCP/IP connection for any additional HTTP requests. If possible you should also supply the Content-Length header otherwise the CSP gateway will have to buffer the output in order to add the length of the message to the header. The default for this property is true to keep the connection alive where possible except for HTTP/1.0 responses where we will use the default for HTTP/1.0 which is to close the connection on each request.
| Key |
Stores the encryption key used to validate and secure the communication with the browser.
This key never leaves the server.
| Language |
The language (RFC 1766 format) in which pages in this CSP session are to be displayed.
The session Language attribute is used as the default language for csp:text, span and div tags if response.Language is not set. If session.Language is not set by the program, then it will default to the best fit with the HTTP_ ACCEPT_LANGUAGE CGI variable.
| LastModified |
The date/time when this session was last modified in UTC.
| LicenseId |
Internal property that hold the name of the license that this session is associated with.
| Namespace |
The namespace this session was created from.
This is set automatically when the
class is created to the current namespace. It is used by the session daemon so that it can swap to the right namespace to run the timeout method on applications.
| NewSession |
Indicates whether this is the first request of the.
session (True) or a subsequent request (False).
| Preserve |
A flag specifying the level of state preservation required by.
this session. You can change the value of this flag at any time.
This can take one of the following values:
| ProcessId |
Process Id.
If a session has Preserve=1 this contains the process id in which the session is running.>
| Referrer |
Original referrer when session was created, copied from the HTTP_REFERER request value.
| RunNamespace |
| SecureSessionCookie |
Internal property to determine if we should send the 'secure' flag with the sessionId cookie.
| SessionId |
The session id value for this session.
The session id is a system-assigned unique value that identifies this session.
| SessionScope |
Property to determine how strictly to restrict the domain of the sessionId cookie.
Options are None (0), Lax (1), and Strict (2), where Strict means the cookie can only be used within the current application. Defaults to the CSP application's corresponding setting. Applications default to Strict unless otherwise configured. Note that None is invalid for insecure (HTTP) connections.
| UseSessionCookie |
Indicates whether sessions should be maintained using cookies or not.
There are three
possible values:
Contains the HTTP_USER_AGENT CGI variable passed in the initial session request.
| UserCookieScope |
Property to determine which SameSite attribute to send with user-created cookies.
Options are None (0), Lax (1), and Strict (2). Defaults to the CSP application's corresponding setting. Applications default to Strict unless otherwise configured. Note that None is invalid for insecure (HTTP) connections.
| Username |
The username this CSP session is logged in as.
1.9.1