2 Replies Latest reply on Nov 20, 2014 8:30 AM by msbrocca

    SSO problem for REST calls

    msbrocca

      Hello all,

       

          My name is Maxi, and I'm completely new in the Jive world. Fro that reason I'm contacting you to see if you could guide me with a problem we've in the project I'm working on.

          In the project I mentioned, we are using Jive 6 and it has SSO activated. I think is using SAML and OAUTH2. The first problem I've is that I've no idea how SSO works. The problem we have in the site, is that when a user stays in a page for some time that makes that some timeout ends, any REST calls fails with a message that says that "". This is not happening with calls or links that are not using REST API ("normal" url mapping). We checked the cookies, code implementations, but we are not finding the cause.

       

      I hope you can help me at least letting me know where could be possible causes, how SSO works, etc. Anything will help.

       

      Thanks in advance,

      Maxi

        • Re: SSO problem for REST calls
          Ryan Rutan

          A few questions, although this sounds perhaps a bit like a support issue.

           

          Is your SSO a custom implementation?  If so, you need to make sure that it doesn't protect the /api resources. 

           

          Standard Jive cookies and/or HTTP Basic should be used to access the API in Jive 6, and if you are protecting the /api resources, this could be causing the issues you are experiencing.

           

          Hope this helps,

           

          RR

            • Re: SSO problem for REST calls
              msbrocca

              Hello Ryan,

               

                 First of all, thanks for your help.

                 Regarding your question, the answer is YES. We have a custom implementation.

               

                 What I found yesterday, and maybe is something obvious for people that understand how SSO works in this environment, is that if I delete the jive.security.context part of the cookie, the problem is instantaneously reproducible. So, maybe the trouble comes form that part. But..... when I looked for that string in the entire code of our site and the jive 6 source, I couldn't find results. So, I'm still lost in the space.

               

              Regards!

              Maxi