Missing sessionIdEnabled property on new Gluu version

By: Eddy DP user 31 Oct 2022 at 9:51 a.m. CDT

4 Responses
Eddy DP gravatar
Hello everyone: I am working on doing some tests with the last version of Gluu (4.4) and I saw some errors when I try to SSO from an iOS app. These errors happen because of the absence of the Session ID. Every time I try to set the value of the property "sessionIdEnabled" to "true" in JSON Configuration -> oxAuth Configuration tab in the Gluu's Dashboard, it automatically turns to "false". I even tried to add the property to the JSON data via LDAP browser and I noticed that the property does not exist in the LDAP and when I add it and then I refresh the browser or update the Configurations by the "Save Configuration" button, it turns to false again and the property disapears from the LDAP data. I was reading the Gluu docs and I was comparing the different versions and then I realized that in the docs for Gluu 4.4 you skipped the sessionIdEnabled. So the question is, how can I activate the Session ID in this new version of Gluu? Thank you so much!
Gluu 4.4 Ubuntu 20.04
closed

Answers

By Yuriy Zabrovarnyy staff 31 Oct 2022 at 1:07 p.m. CDT

Copy
Yuriy Zabrovarnyy gravatar
Hi Eddy, `sessionIdEnabled` was removed because that property was not in use. You can consider it as always on (`true` value). There no way to set it to false and turn off sessions on AS. Thus there no sense to add/remove/modify this property in 4.4.x versions. Thanks, Yuriy Z

By Eddy DP user 31 Oct 2022 at 7:29 p.m. CDT

Copy
Eddy DP gravatar
Hi Yuriy, thanks for your answer, but now on this new version the session_id field for native applications (iOS, Android) is missing (See the screenshots) ![](https://firebasestorage.googleapis.com/v0/b/mis-pruebas-361b1.appspot.com/o/code_session_id.png?alt=media&token=c65bca13-1505-410c-b9a2-75f42ff481ad) ![](https://firebasestorage.googleapis.com/v0/b/mis-pruebas-361b1.appspot.com/o/debug_session_id.png?alt=media&token=a347bfe4-c402-4b69-b775-cfade414032e) What configuration should I apply now to get that field?

By Yuriy Zabrovarnyy staff 01 Nov 2022 at 1:49 a.m. CDT

Copy
Yuriy Zabrovarnyy gravatar
I'm not sure what is shown on screenshot. But if it's response from Authorization Endpoint and you wish to get `session_id` parameter in response then you need to set these 2 properties: 1. "sessionIdRequestParameterEnabled" : true 2. "fapiCompatibility": false See https://github.com/GluuFederation/oxAuth/blob/0508a589a20cfde4ba22c64abb14b847a84402a6/Server/src/main/java/org/gluu/oxauth/authorize/ws/rs/AuthorizeRestWebServiceImpl.java#L596

By Eddy DP user 06 Nov 2022 at 6:01 p.m. CST

Copy
Eddy DP gravatar
Thanks, enable the parameter sessionIdRequestParameterEnabled, solve the problem

Post an answer