Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 9 Next »

Updated structures

massimportitem

  • itemisvalid (ADDED) Allows to store item validity against its target structure

    • child → activated

    • Not editable

    • default 1

New operation of the API connection in session mode

The version 2021.4 introduces a new connection mode of the API in session mode. The surfer is no longer created at each invocation (this avoids the execution of surferservices at each invocation).

This mode is called sessionful.

Caution: note that there is a sessionful mode implemented in the WXM_RESTAPI plugin, which is also in session, but with the x-wedia-api-token cookie which is enabled by the sessionFul and allowSessionFul parameters. This is not the mode we are talking about here, which is enabled by the jsessionidcookie parameter.

Cookies

The cookie used to maintain the session is JSESSIONID. The x-wedia-api-token cookie is not used anymore.

The x-wedia-api-token-so and x-wedia-api-token-tk cookies are maintained.

A new cookie x-wedia-api-token-app is implemented to allow the return to the application connection in case of user disconnection.

Session sharing between Backoffice and Portal

The session (the JSESSIONID cookie) is shared between Portal and Backoffice. This means that logging into one connects to the other. And disconnecting from one, disconnects from the other. Note that when a user disconnects from Portal, he is automatically reconnected to the "Portal" application.

Compatibility

There is no change to make in the way the services are called (signin, token refresh, signout). The cookieauth parameter is always used to switch to cookie mode (instead of bearer). However, the sessionauth parameter is no longer supported.

The session/JSESSIONID mode is enabled by default. The operation is imposed on all callers, but it is necessary for them to maintain the JSESSIONID cookie to operate in session mode (including if authenticated by bearer), otherwise there will always be a connection (with execution of the surferservices) at each invocation.

The old modes are still supported. API Authentication & Connection Modes

Portal development in localhost

The Portal development done on the localhost domain requires a special setup.

Local development with REST API sessionfull mode

Old cookies maintained by browsers

Normally, the server handles old cookies that may (especially x-wedia-api-token) interfere with the new system. There may be special unmanaged cases that require cleaning up the cookies in the browser.

Dataview personification

In the concern of giving to our users more flexibility about what they are seeing in the dataview, it’s now possible to show/hide all the i18n field from the dataview. A new button “Translations” is now displayed when i18n fields are present in the dataview. This is totally independant from the security and it’s working on what is already displayed.


  • No labels