29
Views
5
Comments
Single sign-on between Traditional and React app doesn't work
Question
Application Type
Reactive
Service Studio Version
11.10.5 (Build 37061)
Platform Version
11.9.1 (Build 20359)

We have an existing Traditional Web app and a newly built Reactive app. 

The Login flow is currently handled in the Traditional Web app. We would like to redirect the users from the Traditional to the Reactive app for new features. 

We have already enabled Single sign-on between app types . However, even though having already logged in on Traditional app, users are not recognized on Reactive app and "Registered role required" exception is thrown. When debugging, GetUserId() returns 0.

Is there anybody has an idea about the issue?

mvp_badge
MVP
Rank: #177

Hello Binh Cao,

Do you currently have HSTS enabled in LifeTime, as well as the Secure Cookie setting?

Also, after having checked Single Sign-On Between App Types, have you re-applied the configuration to your applications? An easy way to do this is to create a new Solution in Service Center, associate all modules with it, then click Apply Settings.

If you've already done that, then are your applications both using the same User Provider Module (properties at the module level in Service Studio)? And when you redirect to your React application, are you redirecting to "/" of the application or to "/Login"

Rank: #14272

Hi Craig,

Thanks for your reply. 

I figured out that SSO not working in my scenario because my Login button is Ajax Submit and I redirect the user to another page after successful login. When the Login button is Ajax Submit, the Authentication Cookies (nr1 and nr2) are not set after the login. They will be set if either the Login button Submit rather than Ajax Submit or there is no Ajax refresh and Redirect in the Login logic. And SSO will work. 

I'm not sure if it is a bug or a behavior by design.

The problem for us is not using Ajax (Submit or Refresh) will break some cosmetic behaviors on our Login page.


mvp_badge
MVP
Rank: #73

Hi Binh Cao,

I’m pretty sure the issue you had is related to the below mentioned bug fixes that are included in Platform Server 11.10.0 or later.

Fixed SSO between different app types so the roles are correctly updated and users are no longer blocked from accessing the screens in the session. (RTAF-3182)

Fixed authenticated user losing the roles while navigating from a Traditional to a Reactive app, with Single Sign-On activated. (RAR-307)

Hope this helps!

Regards,

Nordin

Rank: #20137

Hi Nordin,

Thanks for your reply.

I'm afraid it's not the case. I believe the fix in v 11.10.0  is for the user roles only. In our scenario, the Reactive app doesn't get even the UserId. However, we will try to update the Platform Server and see if our issue has been fixed.

Currently I've implemented a work-around with a hidden Submit button and it can temporarily fix the issue. We still have issue with roles though since we are using the older version of the Platform Server.

mvp_badge
MVP
Rank: #73

Hi Binh Cao,

Yes, if the issue still exists after updating the Platform, please report the issue to OutSystems Support as it could be another bug they were not aware of.

Regards,

Nordin