[
https://jira.duraspace.org/browse/DS-1245?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=25818#comment-25818
]
Tim Donohue commented on DS-1245:
---------------------------------
Did some digging around. It looks like with DSpace we really only have the
following Cookie(s):
(1) JSESSIONID Cookie
This cookie is generated automatically by Java/Tomcat during the start of a new
user session. It is used to keep the user session "alive". Without this
cookie, currently DSpace cannot keep an authenticated session alive. In other
words, if you disable cookies, you can browse/view content anonymously in
DSpace. But, when you attempt to login/authenticate, your session will not
"stay alive", so you will be unable to perform any actions requiring
authentication. This cookie is used for both the JSPUI & XMLUI.
This JSESSIONID cookie is a Java "Session ID" cookie as described at:
http://en.wikipedia.org/wiki/Session_ID
(2) Google Analytics Cookie(s)
If you've enabled/configured Google Analytics in your DSpace instance, it also
uses its own cookies for tracking. These cookies are named: "__utma" through
"__utmz". Much more information on how Google Analytics uses cookies is
available at:
https://developers.google.com/analytics/resources/concepts/gaConceptsCookies
---
I believe those are the only cookies used by DSpace. At least they are the
only ones that I've noticed my browser picking up when browsing around the Demo
Site (http://demo.dspace.org).
> European Cookie Law Compliance
> ------------------------------
>
> Key: DS-1245
> URL: https://jira.duraspace.org/browse/DS-1245
> Project: DSpace
> Issue Type: New Feature
> Reporter: Bram Luyten (@mire)
>
> Due to e-Privacy regulations in Europe, many websites are now taking measures
> by means of notifying users and in some cases even requesting acceptance for
> storing information in cookies.
> Apart from the session cookie described here
> https://wiki.duraspace.org/display/DSPACE/SecuringDspace I am not aware of
> which information DSpace stores and uses in cookies. So in order to deal with
> this it should be clear what is stored, and based on what is stored, which
> kinds of notifications are required.
> more information:
> http://www.ico.gov.uk/news/blog/2012/updated-ico-advice-guidance-e-privacy-directive-eu-cookie-law.aspx
> http://econsultancy.com/be/blog/9990-the-bbc-unveils-its-eu-cookie-law-solution
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://jira.duraspace.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
Dspace-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/dspace-devel
