Reading JSESSIONID from PASOE call - Forum - Mobile - Progress Community

Reading JSESSIONID from PASOE call

 Forum

Reading JSESSIONID from PASOE call

This question is not answered

Hi,

We are using a rest interface to access business entities on PASOE using JSDO from a SPA and using oerealm forms auth with spring security and a custom hybrid realm auth class. We are using enablecp and ccid. However it seems the JSESSIONID is not passed to the ABL business logic and would be ideal if we could read this in the activate proc. Is there any way to do this?

Regards

All Replies
  • I am looking for proof/doc but I had thought it was in the SESSION:SERVER-CONNECTION-ID attribute.
     
  • No it doesn't look like it. I tried SESSION:SERVER-CONNECTION-ID, SESSION:CURRENT-REQUEST-INFO:ClientContextId, SESSION:CURRENT-REQUEST-INFO:SessionId. Lots of calls via the Jsdo with all the above differing in values but no consistent passing through of JSESSIONID

  • I see it in the SESSION:SERVER-CONNECTION-ID when I enable the CCD property in the OEClientPrincipalFilter bean, in oeableSecurity*.xml.

    <b:bean id="OEClientPrincipalFilter"            
        class="com.progress.appserv.services.security.OEClientPrincipalFilter">
    
      <b:property name="enablecp" value="true" />
      <b:property name="ccid" value="true" />
    
      <!-- other properties commented out -->
    </b:bean>

    Captured the header in Fiddler:
    cookie: JSESSIONID=DFAE79356FE46625F2B500F9BF6BA26E1BAA759C2031.test1

    And logged in ABL:
    [17/02/03@11:43:12.211-0500] P-024420 T-017940 1 AS-7 APPL SERVER-CONNECTION-ID=DFAE79356FE46625F2B500F9BF6BA26E1BAA759C2031.test1


  • I don't see that. We are using 11.6.3.00 PASOE. Our config file is not using std naming, it is called advantage-form-oerealm.xml and this is referenced in web.xml, although doubt that is adding to the problem.

    In my XML, the config is as follows:

       <b:bean id="OEClientPrincipalFilter"

                class="com.progress.appserv.services.security.OEClientPrincipalFilter">

                <b:property name="enablecp" value="true" />

                <b:property name="ccid" value="true" />

                <b:property name="domain" value="mydomain" />

                <b:property name="key" value="XXXXX" />

                <b:property name="expires" value="1200" />

                <!--

                <b:property name="registryFile" value="" />

                <b:property name="roles" value="sample" />

                <b:property name="authz" value="false" />

                <b:property name="expires" value="600" />

                <b:property name="accntinfo" value="true" />

                <b:property name="properties" >

                   <b:map>

                        <b:entry key="prop-1" value="string1"/>

                        <b:entry key="prop-2" value="string2"/>

                   </b:map>

                </b:property>

                <b:property name="anonymous" value="true" />

                <b:property name="appName" value="OE" />

                -->

       </b:bean>

    COOKIE:

    Cookie: JSESSIONID=707A165C7F1E95AD3889855E8D7BAA876CD5F7D3B8A6.AdvantageWeb

    In the PASOE activate proc, this is logged:

    [17/02/03@17:25:59.347+0000] P-016028 T-017312 1 AS-18 APPL           [PASOE_ACTIVATE] SESSION:SERVER-OPERATING-MODE                                   = Session-free

    [17/02/03@17:25:59.347+0000] P-016028 T-017312 1 AS-18 APPL           [PASOE_ACTIVATE] SESSION:SERVER-CONNECTION-ID                                    =

    [17/02/03@17:25:59.347+0000] P-016028 T-017312 1 AS-18 APPL           [PASOE_ACTIVATE] SESSION:SERVER-CONNECTION-CONTEXT                               =

    [17/02/03@17:25:59.347+0000] P-016028 T-017312 1 AS-18 APPL           [PASOE_ACTIVATE] SESSION:CURRENT-REQUEST-INFO:ClientContextId                    =

    [17/02/03@17:25:59.347+0000] P-016028 T-017312 1 AS-18 APPL           [PASOE_ACTIVATE] SESSION:CURRENT-REQUEST-INFO:SessionId                          = 18

    [17/02/03@17:25:59.347+0000] P-016028 T-017312 1 AS-18 APPL           [PASOE_ACTIVATE] SESSION:CURRENT-REQUEST-INFO:GetClientPrincipal() isValidHandle = no

  • I’m trying to repro my steps that showed the value but to no avail. This smells more and more like a bug to me – can you please contact Tech Support.
  • Disable the ClentPrincipal bean, configure the RealmAuthProvider as below

    <b:property name="key" value="XXXXX" />

                <b:property name="createCPAuthn" value="true" />

               <b:property name="userDomain" value="mydomain" />

               <b:property name="authz" value="true" />

               <b:property name="sealClientPrincipal" value="true" />

               <b:property name="expires" value="1200" />

               <b:property name="properties" >

                   <b:map>

                        <b:entry key="prop-1" value="string1"/>

                        <b:entry key="prop-2" value="string"2/>

                   </b:map>

               </b:property>

               <b:property name="userDetailsService">

                           <b:ref bean="OERealmUserDetails"/>

               </b:property>

    You should be able to get the JSESSIONID either by SESSION:CURRENT-REQUEST-INFO:SessionId or SESSION:CURRENT-REQUEST-INFO:ClientContextId

    Regards,

    Irfan