Skip to main content


         This documentation site is for previous versions. Visit our new documentation site for current releases.      
 

This content has been archived and is no longer being updated.

Links may not function; however, this content may be relevant to outdated versions of the product.

How Process Commander uses HTTP cookies

Updated on April 25, 2019

Summary

A developer asks: Does Process Commander use cookies?  If so, what information is stored in them and what steps are taken to prevent them from being altered?

Suggested Approach

The only cookies used in Process Commander contain a session id.   No application-specific data is stored in cookies.  Examples of the cookies used are shown in the images below.

The Web server sets a cookie similar to the following (from Tomcat 4.1.x):

In addition, Process Commander sets a cookie similar to the following:

The session cookie value is an MD5 (message digest) hash that serves as a session identifier. 

This conveys no other information and cannot be easily guessed nor easily modified into another valid value.

Have a question? Get answers now.

Visit the Support Center to ask questions, engage in discussions, share ideas, and help others.

Did you find this content helpful?

Want to help us improve this content?

We'd prefer it if you saw us at our best.

Pega.com is not optimized for Internet Explorer. For the optimal experience, please use:

Close Deprecation Notice
Contact us