OE11.7 PASOE Basic Authentication JSESSIONID - Forum - OpenEdge Deployment - Progress Community

OE11.7 PASOE Basic Authentication JSESSIONID

 Forum

OE11.7 PASOE Basic Authentication JSESSIONID

This question is answered

HI All 

I have recently upgraded my PAS instance from 11.6.3 to 11.7.

I am using Basic Authentication in 11.6 and i also managed to turn on the creation of the JSESSIONID in the OE 11.6 by setting the following value in the basic-oearealm.xml

e.g.

************************************************************************************************

<!-- This HTTP security space represents the WSPD and controls
the authentication/authorization process to its dynamic/static content.
ALTER THIS SECTION TO MEET YOUR PRODUCTION DEPLOYMENT REQUIREMENTS

CJB - Set the create-session to "ifRequired" to force as JSESSIONID cookie to be created

always – a session will always be created if one doesn’t already exist
ifRequired – a session will be created only if required (default)
never – the framework will never create a session itself but it will use one if it already exists
stateless – no session will be created or used by Spring Security
-->

<http pattern="/web/**"
auto-config="false"
use-expressions="true"
create-session="ifRequired"
disable-url-rewriting="true"
authentication-manager-ref="oeablApplicationAuth"
realm="OpenEdge" >

********************************************************************************************

I can't see a way of turning this on in the new OE11.7.2 environment. 

Thanks

Christian.

Verified Answer
  • Hi Christian,

    You can go to webapps/<WebAppname>/WEB-INF/spring/basicLoginModel.xml and modify it for the WEB transport. Because this is not something that we generally set, so we do not have a property for it in oeablSecurity.properties.

    Regards,

    Irfan

All Replies
  • Hi Christian,

    You can go to webapps/<WebAppname>/WEB-INF/spring/basicLoginModel.xml and modify it for the WEB transport. Because this is not something that we generally set, so we do not have a property for it in oeablSecurity.properties.

    Regards,

    Irfan