• Categories
  • Recent
  • Tags
  • Popular
  • Solved
  • Unsolved
  • Users
Skins
  • Light
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor
  • Default (Darkly)
  • No Skin
Collapse
brainCloud Forums

Field access restriction inquiry

Scheduled Pinned Locked Moved Feature Suggestions
6 Posts 3 Posters 78 Views
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • N Offline
    N Offline
    noah
    wrote last edited by
    #1

    We use the S2S script to check whether the player's session is valid based on the sessionId and profileId sent from the client.

    GetSessionForSessionIdAndProfileId

    We use this function, and when accessing the returned field,

    the isLoggedOut field, we receive a Java access restriction error.

    We use this function closely in an S2S environment and check the session for every API call, so we need to use this field to determine whether the session has been invalidated (logged out, etc.).

    If there is no problem, please allow access to that field.

    1 Reply Last reply
    0
  • J Offline
    J Offline
    JasonL bitHeads
    wrote last edited by
    #2

    Yes, this is a known limitation. Due to backend security applied, Rhino can no longer directly access Java classes. Currently, our backend does not convert Java Boolean objects into primitive values before passing them to Rhino.

    I’ll forward this to our development team to see what improvements we can make on our side.

    1 Reply Last reply
    0
  • N Offline
    N Offline
    noah
    wrote last edited by
    #3

    hi. @JasonL

    Thank you for your reply.
    I thought it was a JavaScript object, so I used Object.Assign({}, session), JSON.Parse(JSON.stringify(session)).
    I tried to copy the object and use it, but since it's a reference to a Java object, it didn't work as intended.
    Please help me retrieve the necessary data.

    1 Reply Last reply
    0
  • Paul WinterhalderP Offline
    Paul WinterhalderP Offline
    Paul Winterhalder brainCloudAdmin
    wrote last edited by
    #4

    Hi @noah ,

    That call only returns the session if the user if it's valid and the user is still logged in - so you shouldn't need to check that field. If it's non-null you are good.

    Paul.

    1 Reply Last reply
    0
  • N Offline
    N Offline
    noah
    wrote last edited by
    #5

    hi @Paul-Winterhalder
    We check for authentication based on BrainCloud's userId:sessionId on the server. Required to detect logout of an existing session when one user logs in from a different device. This is to enable immediate duplicate login exposure.This is the only checkable field at this point.

    1 Reply Last reply
    0
  • Paul WinterhalderP Offline
    Paul WinterhalderP Offline
    Paul Winterhalder brainCloudAdmin
    wrote last edited by
    #6

    Then just call GetSessionForSessionIdAndProfileId() again.

    The check your are doing requires the retrieval of the session from memcached. Retaining a copy of the session and then checking that field later will not solve your use case...

    i.e. if the players session was valid at the time the system calls GetSessionForSessionIdAndProfileId() -- and then becomes invalid while you've got the session cached --- you can't just check the "isLoggedOut" field - because even if you COULD access it - you would be accessing a STALE copy of it.

    So just re-call GetSessionForSessionIdAndProfileId() and if that call is non-null - the session is STILL good - and you are gold.

    1 Reply Last reply
    0

  • Login
  • Login or register to search.
  • First post
    Last post
0
  • Categories
  • Recent
  • Tags
  • Popular
  • Solved
  • Unsolved
  • Users