The ConnectWise Control forum has moved to ConnectWise University! This forum has been locked and is in read-only mode. Click here for instructions on how to access the new forum.

Welcome Guest! You can not login or register.



Go to last post Go to first unread
#1 Posted : Wednesday, March 22, 2017 3:41:53 PM(UTC)

Rank: Guest

Joined: 3/22/2017(UTC)
Posts: 1
United States

I wrote custom SC extension that does 2 very simple things:

public Guid FindSession(string name)
	var session = SessionManagerPool.Demux.GetSessions().FirstOrDefault(s => s.Name == name);
	if (session == null)
		 return new Guid();
	return session.SafeNav(s => s.SessionID);

public Guid FindOrCreateSession(string name, string host)
	var session = SessionManagerPool.Demux.GetSessions().FirstOrDefault(s => s.Name == name);
	if (session == null)
		session = SessionManagerPool.Demux.CreateSession(SessionType.Support, name, host, false, name);
	return session.SafeNav(s => s.SessionID);

As you can see, the second method "FindOrCreateSession" is just a copy of what came from the start template. It still seems to work.

The first method "FindSession" is what doesn't work. It is suppose to get a session Guid by name, if it exists. That's all.

I use this in PHP like this:

$session = file_get_contents("https://sc.company.com/App_Extensions/68646de4-bab4-4a1b-aa17-4271b3d3defb/Service.ashx/FindSession/" . $sessionName);
if (!empty($session) && trim($session, '"') != "00000000-0000-0000-0000-000000000000")
    // The session exists. Do things
    // Session does not exist. Do other things

My issue, after upgrading from 5.6.10957.6018 > 6.1.12292.6236, is that the method always returns "00000000-0000-0000-0000-000000000000" now.

I did some digging, and it turns out that the name being passed in is always null. I test this with an example method:

public string test(string name)
    return "name===" + name + "===";



Will return "name======"

What has changed that this doesn't work anymore?

#2 Posted : Thursday, March 23, 2017 4:23:02 PM(UTC)

Rank: Administration

Medals: Level 3: Shirt off your back! Received 25 Thanks!

Joined: 7/23/2013(UTC)
Posts: 715
Location: Raleigh, NC

Was thanked: 66 time(s) in 63 post(s)
In 6.0, we disabled passing web-method parameters via GET to protect against CSRF attacks.
You'll need to send the request as POST, with the parameters as a JSON array in the body of the request (like ["sessionname"] or ["sessionname", "host"]).

(Alternatively, you could put <add key="WebServiceAllowHttpGetOperations" value="true" /> in your web.config to make it act like before, but that's not recommended as a long-term fix.)
ScreenConnect Team
Users browsing this topic
Forum Jump  
You cannot post new topics in this forum.
You cannot reply to topics in this forum.
You cannot delete your posts in this forum.
You cannot edit your posts in this forum.
You cannot create polls in this forum.
You cannot vote in polls in this forum.