Hi, and apologies if this topic has been covered in another post - I'm fairly new to working with the Tessitura api.
I'm starting a web application on a third party host that will interact with the Tessitura SOAP api. I've got my application to invoke the GetNewSessionKey operation and I'm able to append this new session key along with a pipe symbol and expiration date, then encrypt that whole string and store it in a domain level session cookie named TNEW (or TNEWQA) as specified in the Shared Session documentation I know that the encryption is working correctly because I can take the whole encrypted string and decrypt it correctly using the shared session page on my TNEW admin site (https://[mytnewsite]/setup/SessionSharing). I then invoke the LoginEx operation to make sure the session key is logged in for our TNEW anonymous user constituent.
The challenge I'm having is that when I have a browser session and I leave my 3rd party host and move over to TNEW - TNEW doesn't seem to acknowledge the validity of the cookie and overwrites it with a new session key and expiration. I feel like I'm probably missing something simple, but I've spent 2 days on this now and I'm begging for mercy. Anyone who has worked through this in the past have a tip for the light bulb moment that I'm looking for? Any help would be appreciated.
Thanks,
Bill Waugh
Starlight Theatre
Hi Bill,
My first suspicion is that the cookie domain is not set correctly. If you can post some links to both sites that you are testing with. -
TNEW will try to build a correct domain path for the cookie. If your url is "http://tnew.domain.org", TNEW will strip off the first subdomain and use "domain.org" for the domain of the cookie.
The second suspicion I would have is that the pages you're jumping between use different Tessitura API's. -
TNEW will decrypt the cookie contents, then check if the session key is logged in. If the API returns "session key valid" then TNEW will silently grab a new session key and keep going.
-Sam
Thanks for the quick response Sam. I was able to get the cookie working correctly on our QA site. I was setting the domain on the cookie, but it is possible that I was mixing between the Live and Test API's. Thanks for your help.