SpecialClientGenerateAndValidateSessionID

This flag defines whether the messages will be exchanged between the Rich or Web Client, and the server with enhanced security.

When this flag is set to Y then the server generates and verifies the Session ID (SI) in addition to Context ID (CTX) and Session Counter (SESSION) in each HTTP request starting from the second request that RIA or Web Client sends to the server. On mismatch, the server denies any requests from the hijacking client whereas continues the session with the authentic client.

This flag is not supported for Broker.

Valid values: Y, N

Default value: N

Since version: 4.5