38
Views
8
Comments
Share identifiers and session between Traditional and Responsive applications

Hello,

In our scenario (OS11), we have two applications: 1 is a Reactive application, the other one is a Traditional Web Application and there is a navigation between pages of the two applications. 


What we are trying to do, in the best possible way in terms of security, is to share the same session between the two applications. For instance, keep the session active, with the user logged between the navigation of both applications and synchronize that status in case of logging in/out.

We are considering an exchange of the user id or our session id (a customized id in our environment) between applications in some way (Encrypted parameter, cookies, session/client variables).

Any help will be appreciated.

Best regards.

Jose.


Rank: #1428

Hello Jose Manjavacas 

I would assume the platform already handles the scenario of logged in user session between traditional and reactive. I haven't tested this out but I would assume so, Are you having any issues that the session is not being shared while testing?


Thanks,

Babu

Rank: #91

Hi Jose,

When you nevigate one screen to another screen within or other application you can take input parameter in Screen as a query string when you redirect you need to pass value in this parameter and you can encrypt this parameter and decrypt on other screen with orginal value.

Becasue Session are not available in Reactive app and can not share between other application.

parameter in URL with CryptoAPI

https://www.outsystems.com/forums/discussion/64311/change-parameter-in-url-with-cryptoapi-or-other-solution/


Hope this will help you.

Regards

Rahul

Rank: #6991

Hi Jose,
When you switch between them, Login session is dropping. My suggest is you should store your sessions in CS module. When you switch app, you can use login action for login.

mvp_badge
MVP
Rank: #71

Hi Jose,

Single-Sign On Between App Types can be enabled in Platform Server 11.8.0 and later:

When activated, this option lets users navigate between Traditional, Reactive Web Apps, and Mobile Apps distributed as Progressive Web Apps without having to sign in again. For example, if users sign in into a Traditional Web App, and then navigate to a Reactive Web App, they are signed in automatically in the Reactive Web App. To activate the Single Sign-On Between App Types setting, you need to have HTTPS enabled in the environment. 

Hope this helps!

Regards,

Nordin

mvp_badge
MVP
Rank: #71

Hi Jose,

Only thing I can think of is that you do not have HTTPS enabled for your environment and that is a requirement for SSO between App Types to work properly. Can you make sure these security settings are enabled for your environment:

Regards,

Nordin

mvp_badge
MVP
Rank: #71

Hi Jose,

Normally, if the HTTPS security settings were already enabled and you have only enabled the SSO Between App Types setting in Service Center, it would suffice to just click the new Save and Apply Settings to the Factory button in order to apply the configuration change.

But since the warning message in LifeTime indicates that the HTTPS security settings were changed, it is better to be safe and create and publish an all components solution.

Hope this helps.

Regards,

Nordin