cancel
Showing results for 
Search instead for 
Did you mean: 

Deactivate Netweaver Cookies for specific scenario

AndyK
Explorer
0 Kudos

Hello,

we have an issue with a mobile application using cookies. Best would be to deactivate all cookies in the response. My question now is how to achive that no cookies are sent in the HTTP header response.

Sohow to delet these 3 cookies in the reponse header

set-cookiesaplb_*= ...............................; Version=1; Path=/; HttpOnly
set-cookieJSESSIONID=......................................; Version=1; Path=/; HttpOnly
set-cookie

JSESSIONMARKID=............................; Version=1; Path=/; HttpOnly

Regards,
Andreas

View Entire Topic
0 Kudos

Hi Andreas

saplb and JSESSIONID are not able to be deactivated because they are required during navigation in a java session.

saplb: used to identify the application server and java server node

JSESSIONID:identify a http session

However if you want you may disable Jsessionmarkid.

JSESSIONMARKID: additional session id for security reason.

please have a look at this document for detail

http://scn.sap.com/blogs/sro/2012/05/10/implementing-secure-session-management-for-sap-netweaver-jav...

Best regards,

Victor