Is it possible to re-use Single Sign-On Session variable?

Stephen Van Rooyen shared this problem 16 months ago
Resolved

Hi Guys,


I'm using Single Sign-On to view a dashboard.

e.g. http://localhost:8080/logon.i4?LoginWebserviceId=02ecd3fc89f38a0c01ebe2a4ebc360cf&entry=VIEWDASHBOARD&DASHBOARDUUID=1e68d9cc-fa5a-44e2-816d-782aa40ceeae

When I try to use that same Session Id to view a different dashboard, I get the Login screen.

e.g. http://localhost:8080/logon.i4?LoginWebserviceId=02ecd3fc89f38a0c01ebe2a4ebc360cf&entry=VIEWDASHBOARD&DASHBOARDUUID=e7409ff2-f846-44e1-a603-b78ec51b20b9

Is it possible to re-use the same Session ID, for the second dashboard call instead of loggin in every single time.


I suspect the reason is that it is trying to login a second time with the same Session ID, my assumption is based on the fact that the url is logon.i4.

If possible, What would the URL be for the second dashboard call to re-use the same Session ID.


Regards,

Stephen

Comments (15)

photo
1

Hi Stephen,

The session itself is re-useable, but the login webservice id is actually more of an authentication token. So it is used to create a valid session within the application, and then becomes invalid. If you are trying to re-direct users once they are logged in you can use the regular URL without passing the login-webservice id. So to direct to a dashboard, you would use the following url format, with your own dashboards uuid:

http://localhost:7474/RunDashboard.i4?dashUUID=e7409ff2-f846-44e1-a603-b78ec51b20b9&primaryOrg=1&clientOrg=1

Let me know if this makes sense.

Regards,

Nathan

photo
1

Hi Nathan,


Thnaks for the suggestion, I will give it a try.


Regards,

Stephen

photo
1

Sounds good, let me know if you have any more questions.

Nathan

photo
1

Hi Nathan,


Thanks for the suggestion, seems to be what I was looking for.

However it brings with it a few more challenges.

Is there a way to check whether a session is still active?


Regards,

Stephen

photo
1

Hi Stephen,

There are a few ways to check that, but the easiest is to just try and make a connection and see if the server throws an error saying that session was timed out. What is the larger goal here?

Regards,

Nathan

photo
1

Hi Nathan,


This is for an ISV implementation, using Tight integration (customer has a concurrent license).


Using web services they generate a session id, then within there application they call different dashboards.

The first of which will use the login.i4 page passing the session Id, and all subsequent calls will call RunDashboard.i4 (as per your suggesion)

In order to prevent the user being presented with a Yellowfin login page within the customers application, due to an inactive or expired session for example we would like to very that the session is still active.

Another reason is to avoid having many orphan sessions (baring in mind that the user has a concurrent license) so they can have many active sessions per user.


Regards,

Stephen

photo
1

Hi Stephen,

Sorry for the delay here. To confirm are you using Iframes, the JS-API, or primarily are reliant on the custom header?

If you are simply re-routing a user around the application, the best way to check if they are timed out is to try to re-route them again or reload the page. If the session is timed out, Yellowfin will detect it and try to push you back to the login screen.

It is also possible to check the currenly active sessions using jsp pages.

Let me know your thoughts.

Nathan

photo
1

Hi Nathan,


The customer is currently testing using either iframes or object tags.

They are using tight integragration with single sign-on (custom headers and footers).

They are unable to use the JsAPI since the JsAPI does not support Client Orgs.

If we re-log the user everytime we open a dashboard for example, this will cause many open sessions (as previously stated the customer has a concurrent license with a generic user login which means the generic user can be logged in multiple times).

We do not want the user to be pushed to the login screen (the users dont know the generic users login details), hence the reason why we need to check that the session is still active.

Please can you provide sample/pseudo code example of how to check the active session using jsp pages.

Regards,

Stephen

photo
1

Hi Stephen,

I can throw together a sample of this this afternoon, but in the meantime, I forgot about this setting which might be relevant here. You can set a custom timeout page so that when the application does the timeout, you can navigate the user back to your application:

d1d85cf103fd9c4daa368eb6a6399594Nathan

photo
1

Hi Nathan,


The timeout page is not really an option as I said before we do not want the user to be re-routed anywhere.

I dont think we on the same page here.

From within the Customer's application there are links to a few different dashboards.

The first dashbaord call will undoubtedly have to login the user, creating the session (session id).

All subsequent calls needs to use the same session (session id), hece my question.

Is there a way to check the validity of a session id, (i.e is it valid, is it active or expired , etc)

Based on the result, i will then either call the next dashbaord or re-loggin the user.

If you can send me a sample of how to this, it will be greatly appreciated.

I hope this make sense.


Regards,

Stephen

photo
1

Hi Stephen,

Do you have a few minutes to chat on this? I think I am not properly explaining the functionality here :)

"All subsequent calls need to use the same session"- Once logged in, the session is automatically maintained by the browser. The session validity is checked by Yellowfin each time a request is made for a new page. If the session is no longer valid, Yellowfin will detect this and forward you to the timeout page. There is no need for you to check the sessions manually.

You can use this functionality to achieve what you are seeking. Essentially, as long as Yellowfin allows you to go to the next page(dashboard) you can assume the session is still valid.

If it forwards you to the timeout page you will know that the session has been timed out. The timeout page is customizable specifically for this reason.

In your case, you can replace the timeout page with a script that re-logs your user in, and forwards them to the dashboard they were originally trying to visit, (No matter how you do this you will have to re-route through the login page)

Let me know if this makes sense, and if not lets arrange a time to chat.

Regards,

Nathan

photo
1

Attached a session checking jsp

photo
1

Thanks I will give this a go.

If I dont manage to come right we can set up a chat session.


Regards,

Stephen

photo
1

Sounds good, let me know if so.

Nathan

photo
1

Hi Stephen,

As I have recently transferred to another role within Yellowfin, and will no longer be working support cases, I am going to close this ticket.

If you are still having problems here, please raise a new ticket so that another person on staff can take over. I would also recommend linking back to this ticket so that the next person has a good starting point.

Thanks and best regards,

Nathan