Can one cookie be shared by multiple users logged on to the same device?

Question

I'm trying to set up a web application so that it handles permissions based on the device being used to open the application. For example, any users who logged on to Device A can access www.example.com/Site/1, and any users who logged on to Device B can access www.example.com/Site/2.

But, all users have to log on to the device, so it seems that the cookie needs to be created for each user who logged on a device.

Is it even possible to share a cookie between multiple users as long as they are logged on to the same device?? I've been searching but I just can't find any information on this.

Answer 1

Cookies are set on a per-user basis only. If they were not, it would have been a major security breach.

Therefore, the answer to the question "Can one cookie be shared..." is NO.

Answer 2

A cookie jar is unique per browser + physical machine + user profile.

On a PC, there can be several user profiles, one per user. So users in this situation would have separate cookie jars and therefore cannot share cookies.

On a phone, there is usually no notion of separate user profiles (when you unlock a phone you don't tell it who you are, it just assumes you are the one and only owner). So in this case, there is only one cookie jar, and anyone who picks up the device and uses it will use the same set of cookies.

A tablet may be different. If the user has to sign on to use the tablet, and in so doing provides a unique user name, it is likely they will also have an independent cookie jar and therefore cannot share cookies. If they do not sign on to use the tablet, they are probably all using the same cookies.