Mobilefirst 8通过获取资源/手动触发来延长登录超时 [英] Mobilefirst 8 extend login timeout by acquiring resource / manual trigger
问题描述
平台:离子3
目标:
对于受保护的资源,有一个范围可以通过超时进行安全检查来保护.
除了在闲置(如1分钟)时踢出用户外,在每次适配器调用后刷新登录会话(访问令牌?).
如果更好,可以通过呼叫刷新登录会话.
Objective:
For protected resources, there's a scope to protected with security checking with timeout.
Beside kicking out user when idling like 1 min, refresh login session(access token?) after each adapter call.
If better, can refresh login session with a call.
发现:
尝试obtainAccessToken
并将其插入WLResourceRequest
.
对我来说,它只使用Remember Me Duration
而不是Success State Expiration
.
但是Remember Me Duration
之后,它仍然注销而不更新登录会话.
Finding:
Tried obtainAccessToken
and insert that in WLResourceRequest
.
To me, it just uses Remember Me Duration
instead of Success State Expiration
.
But after Remember Me Duration
, it still logout without updating login session.
这是 Mobilefirst 8.0会话超时实现的重复 ,因为没有最终解决方案.
This is a duplicate of Mobilefirst 8.0 Session timeout implementation as there is no final solution.
感谢您的帮助
推荐答案
IBM MobileFirst发布了一种特殊类型的令牌,称为刷新令牌",可以在访问令牌到期时用于获取新的访问令牌.令牌,并且与访问令牌相比,有效期更长.
IBM MobileFirst released special type of token called Refresh token which can be used to obtain a new access token when the access token expires.The refresh tokens are long-lived tokens and remain valid for a longer duration of time compared to access tokens.
启用刷新令牌功能:
可以分别在客户端和服务器端使用以下属性来启用刷新令牌功能.
Refresh token feature can be enabled using the following properties on client side and server side respectively.
client-side property
File name.: mfpclient.properties
Property name: wlEnableRefreshToken
Property value: true
例如,
wlEnableRefreshToken=true
client-side property
File name.: mfpclient.properties
Property name: wlEnableRefreshToken
Property value: true
For example,
wlEnableRefreshToken=true
服务器端属性 档案名称:server.xml 属性名称:mfp.security.refreshtoken.enabled.apps 属性值:应用程序捆绑包ID,以;"
server-side property File name: server.xml Property name: mfp.security.refreshtoken.enabled.apps Property value: application bundle id separated by ‘;’
例如,
<jndiEntry jndiName="mfp/mfp.security.refreshtoken.enabled.apps" value='"com.sample.android.myapp1;com.sample.android.myapp2"'/>
为不同的平台使用不同的捆绑软件ID.
Use different bundle ids for different platforms.
有关更多详细信息,请参阅:刷新令牌
For more details, refer:Refresh token
NOTE: This feature available from from 8.0.0.0-MFPF-IF201711230641-CDUpdate-01 and only in Android ,soon this feature will be available for iOS as well.
这篇关于Mobilefirst 8通过获取资源/手动触发来延长登录超时的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!