JSSP site with Access control restriction

Question

I have created a JSSP in adobe campaign classic v7. And I would like to restrict the access only to Adobe Campaign users (of the instance).

It should be a similar behavior as the option in webapp -> Properties -> Access Control -> Enable access Control.

I am sure that there has to be a code, similar to:

<%@ page import="xtk:server/jsspcontext.js" %>

<%@ page import="/nl/core/shared/nl.js" %>

<%

logonEscalation("webapp");

try {

var userInfo=xtk.session.getUserInfo();

} catch (e) {

var returnURL="/<namespace>/<label>.jssp" ;

response.sendRedirect("/nl/jsp/logon.jsp?target=" + encodeURIComponent(returnURL))

return;

}

But is not workfing for me, as after request for the login, it redirect me to the same login, instead of the jssp.

Can someone please guide me? 🙂

ccg1706 · Accepted Answer

Hi @ivan_matiasga,

The error occurs because you aren’t creating a token anywhere, so you should delete logon(sessionToken).
You’re also getting the login loop because you escalate before checking who’s logged in.

You should try the following steps.

1. If there’s no operator session, redirect to /nl/jsp/logon.jsp.

2. Once the user is authenticated, optionally escalate and then restore, if extra rights are needed.

If you want me to share the code, please let me know and I will do it 🙂

Best,
Celia

Ivan_MatiasGa · Answer

Another option that I found in this blog: How JSSPs work in ACC (Dynamic JavaScript Server Page) | Blog by Florian Courgey

Was to use:

var oldContext = logonEscalation('webapp'); // login with the standard webapp access

logon(oldContext); // log back in as previous user
//logon(sessionToken); // log in with token

But the error now is:

JST-310000 Error while compiling script 'get_bip_<pageName>_jssp' line 14: sessionToken is not defined.

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded