what must you do?

To encrypt userID cookie, what must you do?

To encrypt userID cookie, what must you do?

A.
Edit propertycookieHashKey of/atg/userprofiling/CookieManager.

B.
Add encryptionKey on /atg/userprofiling/ProfileTools.

C.
Ensure property securityStatus of user is SECURE-SIGNin.

D.
Set property secured = true of component CookiePipelineServlet.

Explanation:
To change the secret key that the Personalization module uses to hash the user ID
cookie, edit the following property of/atg/userprofiling/CookieManager:
Note: cookieHashKeySets the hash key to use for hashing user ID cookies. If this property is set,
its value is used for the hash key rather than a value generated by the HashInitializer component.
Sets a secret key that the Personalization module uses to hash the user ID cookie. This behavior

makes user cookies more secure and prevents users from using another user’s profile by
changing their cookie. Invalid profile cookies are ignored. You may want to change this from the
default value, so that your site’s cookies will be hashed with a different key from that used by other
sites that run ATG products.
ATG Personalization Programming Guide, Profile Cookie Configuration

Show Hint

Leave a Reply 0

Your email address will not be published. Required fields are marked *