Question about authentication token expire
How long it takes for a token to expire, if it expires at all.
The call using the CWS SOAP API, specifically the Authentication.wsdl I'm using AuthenticateUserAsync() to generate a token
Comments
-
If you're purely going off of just the CWS AuthToken (not including OTDS), the token expiration is bound to your Content Server security settings, (?func=admin.securityvars), which, by default, is 30 minutes after the last request.
We have refreshToken() to deal with scenarios where you need to keep using your token.
You could, before performing anything, in your code, check the expiration time of your token, and if it's necessary, refresh/get a new one.
Or, you can set it to never expire, but that seems to me to be not the best idea.
1 -
The only expiration for OTDS I can think of, is otds.sso.ttl, found in the system config, it's the "ticket time-to-live" setting, in seconds.
0 -
Summary
To isolate our client code from the server behavior(e.g. auth timeout) , we have a single method for sending requests to OTCS. (e.g. SendToOtcsAsync). There we only refresh the ticket after a 401.
Steps
1. Refresh the token, unless already cached.
2. Attempt the specified request
3. Handle a 401 error, by refreshing the token & trying just #2 one more time (as opposed to get stuck in a loop)
4. Any other error gets thrown/returned to the caller in our code.
HttpClient makes this easy to do add a single handler using a custom HttpMessageHandler, but I have not tried that yet, since we are using FluentUrl or RestSharp, this was designed in from the start. Other methods supply parameters, such as the Htpp.Verb: GET, POST, etc.
A single method for all calls to OTCS is also a logical place to add any logging of requests and responses, incl StatusCode.
Note for obvious reasons the code which actually gets the Auth token, does not recurse back through SendToOtcsAsync.
This is more or less the pattern described by a OT support person
0 -
Nizar_Ghazal said:
If you're purely going off of just the CWS AuthToken (not including OTDS), the token expiration is bound to your Content Server security settings, (?func=admin.securityvars), which, by default, is 30 minutes after the last request.
We have refreshToken() to deal with scenarios where you need to keep using your token.
You could, before performing anything, in your code, check the expiration time of your token, and if it's necessary, refresh/get a new one.
Or, you can set it to never expire, but that seems to me to be not the best idea.
How can I set it to never expire?
Appreciate your help.0 -
Nizar_Ghazal said:
If you're purely going off of just the CWS AuthToken (not including OTDS), the token expiration is bound to your Content Server security settings, (?func=admin.securityvars), which, by default, is 30 minutes after the last request.
We have refreshToken() to deal with scenarios where you need to keep using your token.
You could, before performing anything, in your code, check the expiration time of your token, and if it's necessary, refresh/get a new one.
Or, you can set it to never expire, but that seems to me to be not the best idea.
How can I set it to never expire?
Appreciate your help.
The necessity to re-login in CWS can be mitigated by using the GetSessionExpirationDate method to ensure that the ticket remains valid rather than continuously re-authenticating.
0
Categories
- All Categories
- 109 Developer Announcements
- 49 Articles
- 100 General Questions
- 122 IM Services
- 40 OpenText Hackathon
- 31 Developer Tools
- 20.6K Analytics
- 4.1K AppWorks
- 8.9K Extended ECM
- 897 Cloud Fax and Notifications
- 77 Digital Asset Management
- 9.3K Documentum
- 29 eDOCS
- 122 Exstream
- 39.8K TeamSite
- 1.7K Web Experience Management