The nature of our development environment leads us to develop multiple alpha applications for different groups within the same organization. For example, we have a common Alpha application that anyone in the organization can access, then department specific applications. Some administrators can access multiple applications for multiple departments so the combinations are who can access what are somewhat extensive.
I thought we had this licked, we created a cookie that encrypts userid and password and for each application we read that cookie and auto login the user. However, we have recently discovered a flaw in that approach and have yet to determine the best workaround.
The new issue relates to a single user opening multiple Alpha Applications (running within IIS and using Alpha IIS Server). When they open application 1, they are logged in. Now they open application 2 (without closing application 1). They are logged into application 2 without issue. However, when they go back to Application 1, that application acts like they are not logged in and redirects them to a login page.
They can however open Application 1 and are auto logged in. If they do stuff in application 1 and close it then open Application 2, everything works as expected. They get logged in, do stuff and close the application. This can go on indefinitely as long as they open and close a single application. When they try to toggle between multiple applications, then the are logged into the latest application they access and logged out of all other currently open applications.
Any thoughts on how to get around this or where to look would be greatly appreciated. BTW, these are browser based applications running on a desktop, we do not need to solve this issue for mobile (yet?)..
Thanks,
Jeremy
I thought we had this licked, we created a cookie that encrypts userid and password and for each application we read that cookie and auto login the user. However, we have recently discovered a flaw in that approach and have yet to determine the best workaround.
The new issue relates to a single user opening multiple Alpha Applications (running within IIS and using Alpha IIS Server). When they open application 1, they are logged in. Now they open application 2 (without closing application 1). They are logged into application 2 without issue. However, when they go back to Application 1, that application acts like they are not logged in and redirects them to a login page.
They can however open Application 1 and are auto logged in. If they do stuff in application 1 and close it then open Application 2, everything works as expected. They get logged in, do stuff and close the application. This can go on indefinitely as long as they open and close a single application. When they try to toggle between multiple applications, then the are logged into the latest application they access and logged out of all other currently open applications.
Any thoughts on how to get around this or where to look would be greatly appreciated. BTW, these are browser based applications running on a desktop, we do not need to solve this issue for mobile (yet?)..
Thanks,
Jeremy
Comment