Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

sessions not working with safari browser using ACE and redis (connect-redis)

Lutz Bliska
Lutz Bliska February 24, 2017

We are still at the same project at described here: https://answers.atlassian.com/questions/50367209

As @James Hazelwood suggest us, we did setup the cache service redis (connect-redis).

Redis works fine with FF and Chrome Browser but it doesn't work with safari.

 

The problem is that the session vars are getting lost after the first route.

e.g.:

  1. request to the default endpoint (configured in the atlassian-connect.json) and the session looks like this:

    Session {
  cookie: 
   { path: '/',
     _expires: 2017-02-24T17:11:21.686Z,
     originalMaxAge: 1800000,
     httpOnly: true,
     secure: true },
  URL: 'https://test.net' }

  2. After posting a from to a other endpoint (/login) the session object looks like that:

    Session {
  cookie: 
   { path: '/',
     _expires: 2017-02-24T17:11:21.343Z,
     originalMaxAge: 1800000,
     httpOnly: true,
     secure: true } }

So the variable URL gets lost.

 

Any ideas why ?

Thank you for your support 

 

 

Watch
Like Be the first to like this
1435 views

2 answers

Comments for this post are closed

Community moderators have prevented the ability to post new answers.

Post a new question

1 vote
Patrick Streule
Patrick Streule
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
February 26, 2017

Safari does not accept 3rd-party cookies by default, which is the reason why cookie-based sessions should not be used in Connect add-ons: Users only ever hit the add-on URL in an iframe, but not directly, so the add-on is seen as a 3rd-party. This means that you'll see a new session on every request.

The solution is described on https://bitbucket.org/atlassian/atlassian-connect-express, in the section called "How to send a signed HTTP request from the iframe back to the add-on service": Essentially you create another JWT in the add-on, which can be used for subsequent request from the iframe to the add-on backend.

Reply
0 votes
Lutz Bliska
Lutz Bliska March 13, 2017

Hello @Patrick Streule you are right and i already using JWT for secure backend requests from iframe.

The question is, how can is how can i have a session like store (like redis) which is not cookie based ?

I need to use session variables.

Any ideas for this issue ?

Regards 

Reply
Atlassian logo
Answers Developer Questions
TAGS
AUG Leaders

Atlassian Community Events

    See all events