Authorize server 2BA

Introduction:
In order to continue to guarantee maximum security for our platform as a shared data center, we periodically have penetration tests performed on the Online Condition Server (OCS), Unifeed and the API web services. As a result, a change is planned to our login and logout process and to our cookie and session policies. With this message we inform you about the consequences of this change for you as a user or IT partner.
Current situation:
Within 2BA’s applications, a central cookie¹ is currently used to ‘remember’ the login details. The various applications (Unifeed, My environment, OCS) read this same cookie, so that after logging in once the user is logged in on all platforms. When logging out, this central cookie is deleted without closing the current (database) sessions of the individual applications.
New situation:
In the new situation, the central cookie will be phased out. When an application (such as OCS, Unifeed or My environment) is started, it will check with the authorization server via a roundtrip (a redirect to the authorize server URL and back to the application) whether the user is already known/logged in. The authorize server recognizes the user if they have just logged in (session) or if the new checkbox “Remember login” is activated. When logging out, other running sessions may also be logged out².
Schedule:
The change/migration is scheduled for June 16, 2022. As of May 30, 2022, we will make our acceptance environment available to test this change.
Impact:
We foresee the following consequences:
  • When using the OCS, Unifeed or My environment (in the form of “as a website” in a browser), you will have to log in again after the migration.
  • When using the OCS, Unifeed or My environment in a regular browser, after the migration you will have to log in again by default, unless the checkbox “Remember login” is enabled.
  • When starting the OCS, Unifeed or My environment, a roundtrip to the authorization server will always take place (the browser briefly switches between application – authorize – application).
  • The API does not use cookies, as the API works with tokens; this remains unchanged.
  • There is no impact if you use Unifeed in the integrated form, e.g. within an ERP or PIM package.
As this concerns a fundamental change to the authentication, we recommend that you test it thoroughly for your customers, even though we expect the impact to be low, via:
¹  domain wide cookie (*.2ba.nl)
²  except e.g. those sessions that are logged in separately, via a token

For any questions and/or reversals you can always contact us via helpdesk@2ba.nl 

With kind regards,

2BA Helpdesk

Phone: (+31) 88 222 00 10
E-mail: helpdesk@2ba.nl

This is an automatically generated message, you cannot respond to this.