OpenSSO / OpenAM Session Cookie Decoder
SSOCircle Toolbox Series Part 1
Understanding the “iPlanetDirectoryPro” session cookie can be key to debugging problems like OpenSSO / OpenAM internal session rooting, persistence problems and misconfiguration.
The SSOCircle Toolbox OpenSSO / OpenAM session decoder: http://idp.ssocircle.com/sso/toolbox/ossoDProDecode.jsp
The iPlanetDirectoryPro Cookie is used by OpenSSO and OpenAM to reference a specific user session. It consists of an unique random identifier marking the session, a base64 encoded extension part and a tail value. The Extension part itself holds information for internal session routing (some keys are optional and depend on the system architecture):
- The Site ID
- Server Instance ID
- Storage Key for Session Failover (optional and not displayed by the tool)
- Tail Value after the “#” (optional and not displayed by the tool)