Enabling server-side session management
By default, AEN uses client-side session management, which is vulnerable to session replay attacks if an attacker manages to steal a user's valid session ID.
To enable server-side session management:

1. Edit the /opt/wakari/wakari-server/etc/wakari/wk-server-config.json file and set:

   "USE_SERVER_BASED_SESSIONS": true,

2. Restart the AEN server service:

   sudo service wakari-server restart
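The following helper is an added example, not part of the AEN documentation or product: it flips USE_SERVER_BASED_SESSIONS in a copy of the config while preserving every other key, and checks that the value landed as a JSON boolean true (a quoted "true" would not enable the feature). The SERVER_PORT key in the constructed sample config is an assumption.

```python
import json
import os
import tempfile

# Path named in the AEN docs; the demo below works on a temp copy instead.
CONFIG_PATH = "/opt/wakari/wakari-server/etc/wakari/wk-server-config.json"
KEY = "USE_SERVER_BASED_SESSIONS"


def server_based_sessions_enabled(path):
    """True only if the key is the JSON boolean true; a string "true"
    or a missing key counts as disabled, the safe answer for an audit."""
    with open(path) as f:
        return json.load(f).get(KEY) is True


def set_server_based_sessions(path, enabled=True):
    """Set the key in place, keeping all other settings. The file is
    rewritten through a temp file plus os.replace so an interrupted
    write cannot leave a truncated config behind."""
    with open(path) as f:
        cfg = json.load(f)
    cfg[KEY] = bool(enabled)
    fd, tmp = tempfile.mkstemp(dir=os.path.dirname(os.path.abspath(path)))
    with os.fdopen(fd, "w") as f:
        json.dump(cfg, f, indent=2)
        f.write("\n")
    os.replace(tmp, path)
    return server_based_sessions_enabled(path)


def _write(directory, name, cfg):
    path = os.path.join(directory, name)
    with open(path, "w") as f:
        json.dump(cfg, f)
    return path


def demo():
    """Constructed sample configs (not real AEN files) in a temp dir:
    one with the feature off, one with the common "true"-as-string slip."""
    d = tempfile.mkdtemp()
    off = _write(d, "wk-server-config.json", {"SERVER_PORT": 8080, KEY: False})
    stringy = _write(d, "bad.json", {"SERVER_PORT": 8080, KEY: "true"})
    before = server_based_sessions_enabled(off)
    after = set_server_based_sessions(off)
    with open(off) as f:
        preserved = json.load(f)["SERVER_PORT"] == 8080
    return before, after, preserved, server_based_sessions_enabled(stringy)


if __name__ == "__main__":
    print(demo())  # (False, True, True, False)
```

The service restart in step 2 is still required for the new value to take effect.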