Customizing cookie settings

Based on the requirements of your IBM® Cognos® environment, you may need to modify the settings that IBM Cognos components use to create cookies. You can use IBM Cognos Configuration to customize the cookie domain, path, and secure flag.

IBM Cognos components determine the cookie domain from the HTTP request submitted by the client, which is typically a Web browser. In most network configurations, HTTP requests pass through intermediaries such as proxy servers and firewalls as they travel from the browser to IBM Cognos components. Some intermediaries modify the information that IBM Cognos components use to calculate the cookie domain, and IBM Cognos components then cannot set cookies. The usual symptom of this problem is that users are repeatedly prompted to log on. To avoid this problem, configure the cookie domain.

To set the correct value for the cookie domain, use the format and value that represents the widest coverage for the host as suggested in the following:

• For the Domain value, use the computer or server name alone. Specify this name without any dots. For example, mycompany
• The Domain value can also specify a suffix. Suffixes include .com, .edu, .gov, .int, .mil, .net, or .org. Include a prefix dot. For example, .mycompany.com
• Other levels can be used in a Domain value. Include a prefix dot. For example .accounts.mycompany.com
• A Path value can further restrict cookies. The most general path is /. A path of /payables restricts the cookie to all paths beginning with "payable" (and all subdirectories). A path of /payables/ restricts the cookie to the "payables" directory (and all subdirectories).

Additionally, for security, administrators can set the HTTPOnly attribute to block scripts from reading or manipulating the CAM passport cookie during a user's session with their web browser. For more information about this attribute, see the IBM Cognos Analytics Administration and Security Guide.