1 Reply Latest reply on Feb 29, 2016 4:39 AM by Toto RoToTO

    How to handle login sessions across the multiple extensions?

    dnyaneshlb Level 1

      Hi,

       

      I am new to extension development and using Illustrator 19.2, mac yosmenite 10.1, brackets, tomcat, jquery-2.0.2 for development. I have created 4 extensions which needs server login for authorization.

      Problem here is that, even though all 4 extensions communicate with same server, I am forced to login seperately in all 4 extensions.

      Isn't it possible like browser, that I can login with just one extension and rest 3 extensions will understand it.

       

      However I have tried following -

      • Once I login with 1 extension, I retrieved the cookie with "JSESSIONID", and set this cookie as header for every new request.

                Limitation : Modern browsers will not allow this since its a session hijacking and major security breach.

       

      Thanks in Advance.

       

      Let me know if you need more info.

        • 1. Re: How to handle login sessions across the multiple extensions?
          Toto RoToTO Level 3

          Hi,

           

          We had the same requirement. Several extensions sharing the same session ID.

          We did solve this using a c++ plugin.

           

          The first extension loaded retrieve the session ID.

          Then, the session ID is sent to our c++ plugin, which is in charge of storing it.

          After, during that session, if a new extension is loaded, the session ID is sent to that extension.

          So the user won't have to go through the connection process.

           

          we are using csxs events, controllers, and more.

          But it is not so complicated.

           

          Thomas.