Revision history - Axon.ivy

Hi Reguel, I was able to add Authorization Basic header before ApplicationSessionRequestFilter. In result, the session of the user was changed based on this header. However, the returned cookie form this request, is still not valid for the next calls ... ) the second call is authenticated as Developer) I assume that this is a bug. Here how you can reproduce it: 1. create project myapp with two REST endpoints (require authentication) (/ivy/api/myapp/loginCall and /ivy/api/myapp/checkCurrentUser); in both of them just log Ivy.session().getSessionUserName() 2. create user -> allan:allan 3. add this code snippet as index2.html and place it in \AxonIvyDesigner7.4.0\webapps\ivy 4. test it on http://localhost:8081/ivy/index2.html (clean cache/session first) html: <!DOCTYPE html> <html> <head> <meta charset="UTF-8"> <title>Test</title> <script src="https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js"></script> <script> function loginCall() { var authToken = btoa('allan:allan'); //user and passowrd return $.ajax({ url: "/ivy/api/myapp/loginCall", type: 'GET', headers:{ 'X-Requested-By': 'myapp', 'Content-Type':'application/json', 'Authorization': 'Basic ' + authToken }, dataType: 'json' }); } function checkProfile() { return $.ajax({ url: "/ivy/api/myapp/checkCurrentUser", type: 'GET', headers:{ 'X-Requested-By': 'myapp', 'Content-Type':'application/json' }, dataType: 'json' }); } $(document).ready(function() { loginCall() .done(function() { checkProfile() .done(function(response) { }).fail(function() { }); }).fail(function() { }); }); </script> </head> <body> check F12 </body> </html> BR, Yordan

Hi Reguel, I was able to add Authorization Basic header before ApplicationSessionRequestFilter. In result, the session of the user was changed based on this header. However, the returned cookie form this request, is still not valid for the next calls ... ) the second call is authenticated as Developer) I assume that this is a bug. Here how you can reproduce it: 1. create project myapp with two REST endpoints (require authentication) (/ivy/api/myapp/loginCall and /ivy/api/myapp/checkCurrentUser); in both of them just log Ivy.session().getSessionUserName() 2. create user -> allan:allan 3. add this code snippet as index2.html and place it in \AxonIvyDesigner7.4.0\webapps\ivy 4. test it on http://localhost:8081/ivy/index2.html (clean cache/session first) <!DOCTYPE ~~html> <html> <head> <meta charset="UTF-8">~~ html> <html> <head> <meta charset="UTF-8"> <title>Test</title> ~~<script~~ <script src="https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js"></script> <script> function loginCall() { { var ~~authToken~~ authToken = btoa('allan:allan'); //user and passowrd return $.ajax({ url: "/ivy/api/myapp/loginCall", type: ~~'GET', headers:{~~ 'GET', headers:{ 'X-Requested-By': 'myapp', 'Content-Type':'application/json', 'Authorization': 'Basic ' ~~+ authToken~~ + authToken }, dataType: 'json' ~~});~~ }); } function checkProfile() { return $.ajax({ url: "/ivy/api/myapp/checkCurrentUser", type: ~~'GET', headers:{~~ 'GET', headers:{ 'X-Requested-By': 'myapp', 'Content-Type':'application/json' }, dataType: 'json' ~~});~~ }); } $(document).ready(function() { loginCall() .done(function() { checkProfile() .done(function(response) { }).fail(function() { }); }).fail(function() { }); ~~}); </script>~~ }); </script> </head> ~~<body>~~ <body> check ~~F12~~ F12 </body> ~~</html>~~ </html> BR, Yordan

Hi Reguel, I was able to add Authorization Basic header before ApplicationSessionRequestFilter. In result, the session of the user was changed based on this header. However, the returned cookie form this request, is still not valid for the next calls ... ) the second call is authenticated as Developer) I assume that this is a bug. Here how you can reproduce it: 1. create project myapp with two REST endpoints (require authentication) (/ivy/api/myapp/loginCall and /ivy/api/myapp/checkCurrentUser); in both of them just log Ivy.session().getSessionUserName() 2. create user -> allan:allan 3. add this code snippet as index2.html and place it in \AxonIvyDesigner7.4.0\webapps\ivy 4. test it on http://localhost:8081/ivy/index2.html (clean cache/session first) > <!DOCTYPE html> <html> <head> <meta > charset="UTF-8"> <title>Test</title> > <script > src="https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js"></script> > <script> ~~> >~~ function loginCall() { var authToken > = btoa('allan:allan'); //user and passowrd ~~> >~~ return $.ajax({ > url: "/ivy/api/myapp/loginCall", > type: 'GET', headers:{ 'X-Requested-By': 'myapp', > 'Content-Type':'application/json', > 'Authorization': 'Basic ' + > authToken }, > dataType: 'json' > }); } > function checkProfile() { ~~> >~~ return $.ajax({ > url: "/ivy/api/myapp/checkCurrentUser", > type: 'GET', headers:{ 'X-Requested-By': 'myapp', > 'Content-Type':'application/json' > }, > dataType: 'json' > }); } ~~> >~~ $(document).ready(function() { > loginCall() > .done(function() { > checkProfile() > .done(function(response) { ~~> >~~ }).fail(function() { ~~> >~~ }); > }).fail(function() { ~~> >~~ }); ~~> >~~ }); </script> </head> ~~> >~~ <body> check F12 </body> ~~> >~~ </html> BR, Yordan