1. #1
    Sencha User
    Join Date
    Nov 2012
    Posts
    12
    Vote Rating
    0
    fujy is on a distinguished road

      0  

    Default Unanswered: Cross Domain Session Managment

    Unanswered: Cross Domain Session Managment


    Hello,

    I'm building a client-side solution that consumes a remote .NET web service, Here is the problem

    1- The user makes a Log in request with a username and password ( done using Ext.Ajax.request )
    2- The server responses with a JSON message saying that log in successful, also it responds with a cookie variable
    ASP.NET_SessionId : "blahblahblahblah"

    3- The user requests for some data using some web service method
    e.g. getDepartmenttEmployeeList(DepId)

    4- But the server responses with 200 OK and a JSON message telling that an "AuthenticationError" has happened and "Another user with the same credentials kicked you out."

    Now the problem is:
    When I check the request headers in the second request, I see that the browser didn't add the cookie that was previously sent by the web service, So I don't know exactly How the web service would know that I am the user who just logged in
    How can I force all requests ( after log in success) to be in the same session, should I send back the ASP.NET_SessionId cookie? How can I send it? Is there another way?

    Note: All requests is done after enabling CORS in Ext.Ajax in ( e.g. "Ext.Ajax.cors = true" )

    Thanks in advance

  2. #2
    Sencha User
    Join Date
    Nov 2012
    Posts
    12
    Vote Rating
    0
    fujy is on a distinguished road

      0  

    Default


    Any Suggestions?

  3. #3
    Sencha User
    Join Date
    Jan 2012
    Posts
    14
    Vote Rating
    0
    indra00 is on a distinguished road

      0  

    Default HELP Needed

    HELP Needed


    I am having the exact same problem. I have been using Sencha 2.0.1 ... but now moving to 2.1 as it allowes withCredential config in proxy which according to sencha lets you set the cookie.

    BUT , question to all Sencha pros, I still havent got any confirmation from anyone that even with the 'withCredential' config turned on, subsequent ajax request sends that cookie out so that server can recognize session.

    This is a serious issue as to application level security. I am amazed to see so little clarification through out the internet regarding this issue.

    mitchellsimoens I believe you r pro, please do investigate the issue and tell what is the solution

Thread Participants: 1

Tags for this Thread

film izle

hd film izle

film sitesi

takipci kazanma sitesi

takipci kazanma sitesi

güzel olan herşey

takipci alma sitesi

komik eğlenceli videolar