SN System Properties Reference
Property reference

glide.ui.rotate_sessions

The glide.ui.rotate_sessions property enables the rotation of HTTP session identifiers to enhance security. Admins should ensure this setting is enabled to mitigate potential vulnerabilities associated with session management.

Default: true Type: boolean Application: Global

Key questions about this property

The answers below summarize the purpose, scope, default effect, and review scenarios for this property.

What does it do? This property configures the system to rotate session identifiers, which helps reduce the risk of session hijacking and other security threats.
What area does it affect? Session Management
What does the default mean? The default value is "true", which means this behavior is enabled by default.
When should you review it? Review this property during security audits or when assessing session management practices.

Out of the box property record

Raw metadata from the property record.

Property name glide.ui.rotate_sessions
Sys ID 84b035ea0a0a0be7447f5ba3388b2b40
Type boolean
Application Global
Default value true
Description Rotate HTTP session identifiers to reduce security vulnerabilities. see: http://www.owasp.org/index.php/Session_Management#Rotate_Session_Identifiers
Updated 2024-05-25 04:02:39

Sources

Official references and nearby text excerpts where this property appears.

Documentation excerpt View supporting context
Context preview Snippet 1
... by default. Session Rotation is a security control to enforce alteration of sessionID whenever the user navigates from un- authenticated page(s) to authenticate page(s). Either update the value of the glide.ui.rotate_sessions system property to true OR insert this system property with a value of true. Documentation sn_SE10202 1 Act Secure Session Cookies should be enabled Session cookies are sensitive data and ...
Documentation excerpt View supporting context
Context preview Snippet 2
... enumerate all open ports on a given host or pull response data, leading to information leak or unauthorized data access. Rotate HTTP session identifiers • Description ◦(Old‎ <blank> ◦(New‎ If "glide.ui.rotate_sessions" is not set to the recommended value of "true", then identifying information on a session is kept and not rotated between applications. • Security Risk ◦(Old‎ <blank> ◦(New‎ This increases ...
Additional source link Another external reference for this property
Open reference