Advanced junction configurationEdit online Most standard junction options are also supported by virtual host junctions. Mutually authenticated SSL junctionsTCP and SSL proxy junctionsWebSEAL-to-WebSEAL junctions over SSLStateful junctionsForcing a new junctionUse of /pkmslogout with virtual host junctionsPolicies can be attached to pkmslogout, but WebSEAL does not always apply the policies.Junction throttlingManagement of cookiesWebSEAL can host cookies on behalf of browsers and provide them to backend applications in forwarded requests. These stored cookies are held in the session cache, or cookie jar, rather than being sent to the browser. Passing of session cookies to junctioned portal serversA Web portal is a server that offers a broad array of personalized resources and services. The –k junction option allows you to send the Verify Identity Access session cookie (originally established between the client and WebSEAL) to a back-end portal server. Support for URLs as not case-sensitiveJunctions to Windows file systemsStandard junctions to virtual hostsUTF-8 encoding for HTTP header dataBypassing buffering on a per-resource basisWebSEAL uses an internal buffer when processing data sent in requests to WebSEAL and responses from junction applications.WebSocketsWebSEAL can proxy WebSocket connections between clients and junctioned web servers. In the WebSEAL default configuration, all WebSocket requests are rejected.Matching the common name (CN) and subject alternative name (SAN)You can enhance server-side certificate verification through common name (CN) and subject alternative name (SAN) matching.Parent topic: Standard WebSEAL Junctions