Aligning Sessions between Yellowfin and Host app

Alex Tsay shared this problem 6 years ago
Resolved

Greetings!

I'm integrating a host application with Yellowfin by embedding Yellowfin in an iframe: approach #1, and I'm trying to align Yellowfin's session timeout with my host application's session timeout.

Specifically, when the user is active in Yellowfin, say spent 30 minutes building a report, I need a way to be aware of it so I can keep refreshing the session on the host application.

Couple notes and thoughts:

  • the host application maintains session information entirely on the client side, so the host application's javascript front-end needs to be notified.
  • we have a mean to notify the host application's javascript front-end, the difficult part is in detecting activities in Yellowfin.
  • something like https://help.gooddata.com/display/doc/Aligning+Session+Between+Your+App+and+GoodData will be very helpful, though I'm not aware of a similar feature in Yellowfin.

What are your thoughts?

Best wishes and please advise,

Alex

Replies (8)

photo
1

I'm using Yellowfin 7.3+ build 20170928.

Let me know if I can provide any information to clarify the problem or assist in this endeavour.

photo
1

Hi Alex,

Yellowfin has a table called ActiveSession where a record is kept of current active sessions, you could query that table via web services every minute, that would certainly let you know whether the user is still active in Yellowfin.

And similarly, you can also logout a user from Yellowfin via web services if your host application ever needs to do that.


What do you think of these suggestions?


regards,

David

photo
1

Hi Dave,

This approach sounds promising though I'd need a bit more detail. Can you elaborate on how to use web services to query ActiveSession table? I'm looking at existing web service calls and I'm unable to identify the call I'd need to make.

As an aside, I mentioned that the host application's session is entirely maintained on the client-side, so a javascript solution is preferred. Using a web service call can work, though that means the host application will have to relay through its back-end introducing more complexities.

Best wishes,

Alex

photo
1

Hi Alex,

thanks for making me aware that our Wiki doesn't document the very useful METADATASQLQUERY web service function, I will notify our technical writer about this omission.


I have attached an example of how to use this function (I had to add a TXT file extension to avoid the mail server security). Please take note of the comment at the top of the file that explains about the 2 parameters you must add to your web.xml file.


I have discussed your preference for a javascript solution for checking the status of the Yellowfin session with the rest of my team and nobody knew of a such a js call. However, just to be certain I will contact the developer who wrote the javascript integration and let you know what he says.


regards,

David

photo
1

Hi Alex,


One way to keep your application's session alive is to include an image from your application in a custom Yellowfin Header. Presumably you will have disabled the header on Yellowfin when it is embedded in an iFrame.

Instead of disabling it completely, you could replace this with a custom (yet invisible) header that refers to a resource on your application. This could be a 1x1 pixel image. The request from the iFrame to your application should extend the session in your application whilst Yellowfin is in use. (you may have to make sure that 1x1 pixel image is not cached by the browser).

An alternative to an embedded image, but in a similar vein, is to embed some Javascript in the invisible header. This could call a keep-alive URL on your application via AJAX each time the header is reloaded in the iFrame.

Hope that might give you some ideas to try.

Thanks,

Peter

photo
1

Hi Peter & Dave,

Some relevant information:

- we are using a custom header in Yellowfin, both for customization and for injecting Javascript code.

- as I mentioned earlier, the host application's session is maintained in the client-side cookie, so fetching an image from host application will not refresh the session.

We had taken the approach Peter suggested: embed Javascript to refresh host application's session when the header is loaded. We discovered that this approach is insufficient; the gap is when the user is actively building a report for extended period of time.

One approach we are moving forward with to close the gap is to tap into ajaxStart and use that as an indication of user activities.

In our experiments, using ajaxStart have been fairly reliable and matches our expectations of user activities. What do you think about this approach? Are there cases when Yellowfin session is being extended without a page refresh or an AJAX request?

Sincerely,

Alex

photo
1

Hi Alex,

Answers to your questions:


What do you think about this approach?


This should be ok, and should achieve what you want to do.

Some things to consider though:

- I am not 100% sure whether JQuery is used on every page where AJAX calls are made.

- This is not a supported API so we may make changes to a page that removes JQuery or upgrades JQuery so that is no longer compatible with your code. You'll have to make sure that your scripts are still working after a patch or upgrade.

Are there cases when Yellowfin session is being extended without a page refresh or an AJAX request?

No.

Thanks,

Peter

photo
1

Hi Alex,

I'm cleaning up my work list and I noticed this ticket is still in the "Awaiting Reply" mode, so I'm just wondering how you got on with it?

regards,

David

photo
1

Hi Dave,

We end up moving forward with using ajaxStart to detect user activities and embed a javascript in header.jsp to notify the host application whenever there are user activities.

This approach has worked well for us so far though we've noted that we will need to test this whenever we upgrade Yellowfin.

Regards,

Alex

photo
1

Hi Alex,

very interesting, looks like a good solution to me, hardly any overhead at all, and actually the testing doesn't seem like it would need to be too intensive - just a basic check of the functionality.

Thanks for letting us know!

regards,

David

photo
Leave a Comment
 
Attach a file