Skip to Content
0
Former Member
Jun 12, 2009 at 05:23 PM

SessionID used by OpenDocument

34 Views

Got an interesting issue I can reproduce all the time...

I have a custom interface to BO. This interface allows scheduling and viewing of reports. Scheduling occurs via the SDK, viewing happens through opendoc. The interface interacts with BO through some web services built with the java SDK. Authentication happens via a token.

When an employee accesses the interface, it logs into BO as a given client. The employee can then schedule reports, and view reports for that client. The employee then has the option to switch to another client. When such a switch occurs, the interface logs the user out of BO, and then back in using the new client's BO ID. All this login/logut happens behind the scenes. The user has no idea its happening.

Here is the issue. If the user views a report (done via openDoc), and then switches clients, and tries to view another report, I consistently get a report linking error. The steps to reproduce are:

Login into BusinessObjects via the SDK using client A credentials

Get a token.

Use token for all requests

View reports, passing the the token to openDoc for authentication

Invalidate token for client A

Login into Business Objects via the SDK using client B credentials

Get a token

Use token for requests

Try to view reports, passing the new token to openDOc for authentication.

I believe what's happening is that opendoc is setting the session ID on the first view. On subsequent views, its trying to authenticate with the sessionID and not with my token. For example, if I delete the session cookie, then I can view the report. O can also view the report if save the openDoc url, close my browser and then re-open it.

Any thoughts on how to get around this?