I cannot use sessions with AS3 SDK

0 votes

Dear team,

I am using AS3 SDK (latest version). I can authenticate, I can send and retrieve information but I cannot manage sessions. When I try to logout I get the error

 {"app42Fault":{"httpErrorCode":401,"appErrorCode":1401,"message":"UnAuthorized Access","details":"Client is not authorized"}}


Setting Header value : SDKName : AS3
Setting Header value : apiKey : c6e4da2d61f15dae93d60a6edf4514807311e37e1b6c91adab6b96c3a194a397
Setting Header value : dataACL : [{"null":null}]
Setting Header value : resource : storage
Setting Header value : signature : zmMf%2FEaR07u%2FABaqnHoBHQ5SmYg%3D
Setting Header value : timeStamp : 2016-04-21T19:7:36.135Z
Setting Header value : version : 1.0
Any suggestion why this is due? Furthermore, how can I control the users that have been authenticated and the session times? I do not understand very well how this runs.
Best regards, I appreciate very much your help.
Best regards.


asked Apr 21, 2016 in Flash by manuelrodriguezid (10 points)
recategorized Apr 25, 2016 by shepAdmin

1 Answer

0 votes


Thanks for sharing the logs woth us. It seems like you are getting exception in Storage service method, because the logs which you have shared with us is for Storage service. So could you please check in which method you are getting this exception. Also, please share your App42 app type means the App which you have created through AppHQ Management Console is ACL enable app or not. 

It will help us to provide better support to you.


Himanshu Sharma

answered Apr 22, 2016 by hs00105 (2,005 points)
Dear Himanshu Sharma,

Thanks for your answer. Yes, I use the Storage Service and I get this exception with the session related methods (getSession) or with the Logout after doing properly the authentication. I am not sure if ACL is enabled because I cannot find this information in the dashboard, but this happens with Replay Attack enabled or disabled. The name of the App is DefocusCurve. What do you suggest?

Best regards

Apologies for getting late back to you. Could you please share your sample project with us because the logs which you have shared is for Storage method and you are getting an exception in Logout method. We have to debug the root cause. So if it is possible then please share the sample project code which replicate this exception. It will help me to provide better support to you.

Himanshu Sharma
Dear Himanshu,

Thank you very much for your answer. I will prepare a sample project trying to replicate the error and I will share with you. Thank you very much!

Best regards
Dear Himanshu,

Finally I found the mistake but I am a bit confused about the SDK.

I initialize the storage service with:
serviceAPI=new ServiceAPI(APIKey,SecretKey);

I autenticathe the user in this service with:

Therefore a I have created a login form to authenticate the user. But, I have created also a session?

I have noticed that later to close a session I have to use a different API.
UserService userService = App42API.buildUserService();   
userService.logout(sessionId,new App42CallBack()

This was the problem, I did not initialize API42 but if I initialize I can logout but I am not sure If I am using properly the SDK.

My question is:
I have to use two different services. First, I have to control all the sessions with API42 and later I have to create a new storage for ServiceAPI and authenticate again? Is it the correct way to use it or I am using deprecated functions in the API?

Great to know that your previous query has been resolved. Could you please let me know the use case of authenticating the user again, because if the user is not logout the session id will remain same. Please share some more information on this, it will help me to provide better support to you.

Himanshu Sharma
Also, both functions (App42API.initialize("APIKey","SecretKey") & new ServiceAPI("APIKey","SecretKey")) have their own advantages. Using App42API, you don't need to initialize the keys again in the project because it is a static method. So i will suggest you to use App42API for creating session.

To resolve your query, if you need to authenticate the user again then it doesn't required to initialize the SDK. You can simply open a login screen when it is required. Because as you said, you have trigger point at your end. Let me know if you need any other help from my side.

I will be happy to help you!!!

Himanshu Sharma
Download Widgets
Welcome to ShepHertz Product line forum, where you can ask questions and receive answers from the community. You can also reach out to us on support@shephertz.com