I have an issue I have no technical knowledge of. To make it brief, I am an IT guy that has a concern that our AS400 devs on an IBM Power8 have an older web application that has no cookies for user authentication. It seems like they use a random hash of numbers at the end of the URL to authenticate the user.. even super admins.
Is the lack of cookies used something I should be worried about? It seems the URL itself can be used on any other system on the internet without having to authenticate if done during the session being open.
Could this be a situation where a development team would need to create a cookie system for this web application? It sounds daunting.
With only understanding Linux+ap ache/nginx or Windows+ IIS, what am I dealing with? I'm only familiar with DB2 being used as the backend to a separate front end web server. But I know people do run things like this I could have sworn were authenticated via encrypte d cookies.
If I am "too" concerned over this I assume this group would be the best to set me straight. https://100001.onl/
issue got slved
#QRadar#Support#SupportMigration