How to stop apps from overriding the session cookie, to allow one user to have multiple apps open at the same time?

0
It seems that anytime a user access a Mendix app, that app will overwrite any values already stored in the "__Host-XASSESSIONID" cookie. This means that if a user is already signed into one app, then they try to open another app they will lose their session on the first app since each app uses the same cookie. This is a terrible design, as it prevents users from comparing data between apps, or viewing data from one app while entering data into another app. Our end goal is for apps to essentially use a unified session, so if a user accesses a new app and the session cookie is already checked, the app will make a call to our "core" app to validate the session, updating the new app to store the same session info allowing multiple app sessions per user.   Is there anyway to override or hook into whatever behind the scenes actions Mendix runs when it checks this session cookie? I am assuming its handled either inside the mxui.js file, or from the mendix service worker.
asked
1 answers
0

This is default behavior when deployed in the cloud. Just tested this by logging in into 2 different apps in the same browser and the session is not overridden. This will happen when logging in with account 1 on tab one and with account 2 on tab two for the same application. Then the session cookies is overridden leading to the described behavior. So if you have this issue with 2 different apps this is not by design and something specific is happening and I would suggest to open a ticket with Mendix support for this specific case.

answered