As you probably know, in addition to signing URLs in the contents of pages delivered to the client, UAG also performs a similar process with cookies sent by the server. The reason is the same — to be able to match the cookies to the application the user is using and forwarding them to the correct backend server, and only it. However, occasionally you might find yourself needing to avoid that process. Typically, this would be required for applications that have client-side handling code, which would not be able to see these cookies, as their name is different from what the application would be expecting.
One specific example of this is PeopleSoft, which uses multiple cookies, and quite a lot of client-side code to handle them. When publishing this application with the standard template, UAG will sign all the cookies, and that will cause the client-side code to think the user's session with the PeopleSoft server has expired, and send him/her to an error page:
This type...