


Views
Replies
Sign in to like this content
Total Likes
Hello @wankang ,
you call the session#logon() and parse out the session token which you can use in calling JSSP endpoint
If you read over xtk:jsspcontext.js in JS libraries you can authenticate using:
https://example.com/namespace/myrest.jssp?__sessiontoken=<sessiontoken>
which is not secure because GET requests are often cached in various places like web servers, proxies, and the user's browser history, and therefore can potentially expose the token to unauthorized access.
Marcel Szimonisz
MarTech Consultant
for more tips visit my blog
https://www.martechnotes.com/
Views
Replies
Sign in to like this content
Total Likes
Hello @wankang ,
you call the session#logon() and parse out the session token which you can use in calling JSSP endpoint
If you read over xtk:jsspcontext.js in JS libraries you can authenticate using:
https://example.com/namespace/myrest.jssp?__sessiontoken=<sessiontoken>
which is not secure because GET requests are often cached in various places like web servers, proxies, and the user's browser history, and therefore can potentially expose the token to unauthorized access.
Marcel Szimonisz
MarTech Consultant
for more tips visit my blog
https://www.martechnotes.com/
Views
Replies
Sign in to like this content
Total Likes