Login ProductsSalesSupportDownloadsAbout |
Home » Technical Support » Elevate Web Builder Technical Support » Support Forums » Elevate Web Builder General » View Thread |
Messages 1 to 8 of 8 total |
Reuse authentication cookie an a second browser tab |
Tue, Jan 19 2021 12:13 PM | Permanent Link |
Anthony | My EWB App has a login screen which prompts for the username and password which I authenticate against the web server or show a message if the combination is incorrect. On successful authentication I load the data form.
I can continue to use this until the session expires default 30 mins of no activity. However if I refresh the browser page it reloads the application before the timeout expires and I cannot find a way of reconnecting to the previously still valid session and have to log in again. The same is also true if I open another tab with the same URL. If I use the API URL in a different browser tab to navigate to the database I can still connect and display the JSON values. I was hoping to achieve something like office.com where once logged into a browser I can continue to use any of its Apps without having to login on every tab such as outlook.office.com and tasks.office.com especially as the cookie is still valid in the browser. Is there a way this can be achieved? |
Fri, Jan 22 2021 12:23 PM | Permanent Link |
Tim Young [Elevate Software] Elevate Software, Inc. timyoung@elevatesoft.com | Anthony,
<< My EWB App has a login screen which prompts for the username and password which I authenticate against the web server or show a message if the combination is incorrect. On successful authentication I load the data form. I can continue to use this until the session expires default 30 mins of no activity. However if I refresh the browser page it reloads the application before the timeout expires and I cannot find a way of reconnecting to the previously still valid session and have to log in again. The same is also true if I open another tab with the same URL. If I use the API URL in a different browser tab to navigate to the database I can still connect and display the JSON values. I was hoping to achieve something like office.com where once logged into a browser I can continue to use any of its Apps without having to login on every tab such as outlook.office.com and tasks.office.com especially as the cookie is still valid in the browser. Is there a way this can be achieved? >> The EWB session ID cookie is a "session" cookie and so it will live as long as the current browser session and then be discarded. Refreshing a browser tab will cause the browser to start a new browser session, as will opening a new browser tab. I can look into allowing the session cookies to persist across refreshes, etc. but there may be some issues with doing so. Tim Young Elevate Software www.elevatesoft.com |
Fri, Jan 22 2021 4:45 PM | Permanent Link |
Anthony | Tim Young [Elevate Software] wrote:
<<The EWB session ID cookie is a "session" cookie and so it will live as long as the current browser session and then be discarded. Refreshing a browser tab will cause the browser to start a new browser session, as will opening a new browser tab. I can look into allowing the session cookies to persist across refreshes, etc. but there may be some issues with doing so.>> Tim, this is not the case if I open another tab and paste the URL of a database configured on the server I continue to get the JSON results and can browse through the various datasets. https://localhost/databases/mydatabase/mydataset/data Are you saying this shouldn't be happening? Anthony |
Sat, Jan 23 2021 11:25 AM | Permanent Link |
Tim Young [Elevate Software] Elevate Software, Inc. timyoung@elevatesoft.com | Anthony,
<< Tim, this is not the case if I open another tab and paste the URL of a database configured on the server I continue to get the JSON results and can browse through the various datasets. https://localhost/databases/mydatabase/mydataset/data Are you saying this shouldn't be happening? >> I don't know what you're seeing there. I'm telling you what happens with the sessions when I actually watch the web server respond to requests from a browser (Edge, with Chromium engine) coming from one or more tabs. Tim Young Elevate Software www.elevatesoft.com |
Tue, Jan 26 2021 2:43 AM | Permanent Link |
Anthony | Tim Young [Elevate Software] wrote:
<<I don't know what you're seeing there. I'm telling you what happens with the sessions when I actually watch the web server respond to requests from a browser (Edge, with Chromium engine) coming from one or more tabs.>> That is not what i'm experiencing here, if I authenticate against the web server in one tab, then close the tab. I can open another tab and the browser continues to send the token and I can continue to browse all the datasets even if I have not requested them via the EWB App using the URLs https://localhost/databases/MyDatabase/Dataset1/data and https://localhost/databases/MyDatabase/Dataset2/data until the sessions cookie times out after 30 mins or longer as each request appears to extend the expiry time of the session cookie. My hope was to be able to achieve the same with the EWB App as the session cookie is clearly still present in the Edge with Chromium engine browser but as I am unable to pass the ServerSession to the Database then I am unable to authenticate. |
Wed, Jan 27 2021 3:22 PM | Permanent Link |
Tim Young [Elevate Software] Elevate Software, Inc. timyoung@elevatesoft.com | Anthony,
<< That is not what i'm experiencing here, if I authenticate against the web server in one tab, then close the tab. I can open another tab and the browser continues to send the token and I can continue to browse all the datasets even if I have not requested them via the EWB App using the URLs https://localhost/databases/MyDatabase/Dataset1/data and https://localhost/databases/MyDatabase/Dataset2/data until the sessions cookie times out after 30 mins or longer as each request appears to extend the expiry time of the session cookie. >> I'm not sure what I was seeing before, but now Edge is preserving the cookie across tabs when I test (both via the example applications and via URLs). I might have been setting the protocol as "http" instead of "https", and that could have been why I was seeing the cookie refreshes in the web server. There does seem to be an issue if the Internal web server is set up for https access via the Server Manager, but is then accessed using an http URL in the Edge browser - the browser gets caught in a race condition or something whereby it just keeps trying to re-authenticate because it isn't accepting the cookie being sent back from the web server. Chrome and Firefox work fine, however, so I think this is a bug in Edge. Tim Young Elevate Software www.elevatesoft.com |
Tue, Feb 2 2021 6:00 AM | Permanent Link |
Anthony | Tim Young [Elevate Software] wrote:
<<I'm not sure what I was seeing before, but now Edge is preserving the cookie across tabs when I test (both via the example applications and via URLs)>> I'm seeing this persistent (until expiry) cookie in Chrome also, my EWB App has a login page on start-up and the anonymous user is disabled so if I load my EWB App in a different tab the login page is disabled and the user has to reauthenticate. How can I use the still present cookie to reauthenticate the user automatically - similar kind of experience to opening multiple Office 355 tabs. Thanks Anthony |
Tue, Feb 2 2021 12:13 PM | Permanent Link |
Tim Young [Elevate Software] Elevate Software, Inc. timyoung@elevatesoft.com | Anthony,
<< I'm seeing this persistent (until expiry) cookie in Chrome also, my EWB App has a login page on start-up and the anonymous user is disabled so if I load my EWB App in a different tab the login page is disabled and the user has to reauthenticate. How can I use the still present cookie to reauthenticate the user automatically - similar kind of experience to opening multiple Office 355 tabs. >> Again, EWB doesn't handle cookies in client applications, the browser does. EWB does or does not get a cookie based upon the rules defined by the browser, so if you are not seeing the session cookie in different tabs in the browser, then EWB has no control over that. Client EWB code can't even *see* the cookie because the EWB 3 Web Server always marks it as HTTP-only. Tim Young Elevate Software www.elevatesoft.com |
This web page was last updated on Friday, September 13, 2024 at 03:42 PM | Privacy PolicySite Map © 2024 Elevate Software, Inc. All Rights Reserved Questions or comments ? E-mail us at info@elevatesoft.com |