I'm trying to get to a NetSuite RESTlet from a client script without hardcoding the authentication data. NetSuite documentation says "For a RESTlet called from a client hosted by NetSuite, you do not need to pass authentication information in the HTTP request. A check for a valid NetSuite session (JSESSIONID) occurs, and this existing session is reused." Another bit of documentations from SuiteAnswers says "As for the second option [using JSESSIIONID cookie], this is normally used for sending multiple session. But for this to be used, you must have at least one NLAuth authentication done."
Needless to say I'm confused. I haven't seen any examples of using JSESSIONID for RESTlet authentication. I have tried it myself and it is not working.
function getCookie(name) {
var re = new RegExp(name + "=([^;]+)");
var value = re.exec(document.cookie);
return (value != null) ? unescape(value[1]) : null;
}
var sessionId = getCookie("JSESSIONID");
var headers = {"Cookie": "JSESSIONID=" + sessionId ,
"Content-Type": "application/json"};
I have checked the sessionId variable and it looks good. It works fine when I hardcode the authentication and use nlAuth. I'm not sure why this won't work unless the second statement above from the documentation is accurate. Has anybody else authenticated a NetSuite RESTlet with just the JSESSIONID?
I figured this out. It is possible and you have to use a relative url. I kept missing that advice when looking for answers.
I figured this out. It is possible and you have to use a relative url. I kept missing that advice when looking for answers.