Logging out
Does anyone know of a way of logging out from Metastorm that can be called from client side script?
I've tried a number of approaches, including adding a new .aspx page that uses BPMContext.SignOut() and none appear to work consistently.
We do not use the native console and instead opt for our own. Simply exiting from our console retains the session if IE is still open on the client machine.
Any suggestions gratefully accepted.
Comments
-
A bit hackish, but I just had a quick test with this and it appears to work from an opened form on a client side command button (if you opened the form from the todo,watch, or blank forms list).
parent.top.window.opener.__doPostBack('ctl00$phUserInfo$btnLogout',''); parent.top.window.close();This is using the auto-generated Asp.Net page postback function on the default 'listviewer' home page in the default web client. Note the brittle way of passing in the id of the logout 'button'. I just grabbed the actual id of the button out of the dom. Most likely this will never change, but it might be different since this id is also autogenerated.
If you want to kill the session on the server without hacking around in the dom, it would require an ecl.ws call.
0 -
This solution will only work if you've opened the form in question from the main Metastorm ToDo / Console, which in my case will not work.
I have a single Admin form that runs independantly from the Metastorm console. This has an 'Exit' button. Currently, this button simply cancels the form. However, if another IE window is open, the session remains constant and the user is still 'logged in', which is a security flaw.
As noted in my question, I have managed to call out to a new .aspx form that has a single command; BPMContext.Current.SignOut(), mimicing the logout button on the Metastorm console. However, clicking exit will then cause a 'No Engines Available' error.
Does anyone have any thoughts?
0 -
If you're not using the default list viewer with the logout button, then I might suggest using the ECL.WS to logout in your aspx page. If you can pass your MBPM session ID to your aspx page, then in code behind you can create a new ecl service client and service session state, set the service session state's session id property to your passed in value, then call MyServiceClient.Logout(MyServiceSessionState). You will be effectively impersonating your MBPM session for the sole purpose of logging out. This kills the session on the server. You might also look into clearing all cookies in your open browser(s), but that would leave the session alive on the server.
0 -
Tony,
Do you have some sample code on how to do this? I've had a quick play and cannot seem to be able to log in using the session ID. I cannot work out what the parameters need to be to do this.
Out of interest, is there any comprehensive documentation on how to use the ECL webservice? I cannot find anything in the standard documentation in the knowledgebase. At the moment, I am just guessing what the parameters should be.
Nils.
0 -
If you install the SDK there are ECL samples using the web service as well as some documentation.
0
Categories
- All Categories
- 123 Developer Announcements
- 54 Articles
- 155 General Questions
- 148 Thrust Services
- 57 Developer Hackathon
- 37 Thrust Studio
- 20.6K Analytics
- 4.2K AppWorks
- 9K Extended ECM
- 918 Core Messaging
- 84 Digital Asset Management
- 9.4K Documentum
- 32 eDOCS
- 190 Exstream
- 39.8K TeamSite
- 1.7K Web Experience Management
- 9 XM Fax
- Follow Categories
