2.2.3.4 AuthorizationCookie

An object returned by the server on successful completion of the GetAuthorizationCookie (section 2.2.2.1.1) operation.

Defined in namespace: http://www.microsoft.com/SoftwareDistribution.

 <s:complexType name="AuthorizationCookie">
   <s:sequence>
     <s:element minOccurs="0" maxOccurs="1" name="PlugInId" 
        type="s:string" />
     <s:element minOccurs="0" maxOccurs="1" name="CookieData" 
        type="s:base64Binary" />
   </s:sequence>
 </s:complexType>

PlugInId: Name identifying the Authorization PlugIn issuing the AuthorizationCookie.

CookieData: An opaque sequence of one or more bytes containing implementation-specific authorization and authentication information for use by the server. The format of this data, including the type of encryption used, if any, is implementation-specific. Different server implementations can use different data formats that are not always compatible. A server SHOULD return an InvalidCookie error if passed an AuthorizationCookie that a client obtained from another server.

The data SHOULD include the client ID and the target groups to which the client belongs. The server can implement authentication by using the client ID and can implement authorization by using both the client ID and target groups. This element MUST be present.