Mobilefirst 8通过获取资源/手动触发来延长登录超时 [英] Mobilefirst 8 extend login timeout by acquiring resource / manual trigger

问题描述

平台:离子3

目标:
对于受保护的资源，有一个范围可以通过超时进行安全检查来保护.
除了在闲置(如1分钟)时踢出用户外，在每次适配器调用后刷新登录会话(访问令牌?).
如果更好，可以通过呼叫刷新登录会话.

Objective:
For protected resources, there's a scope to protected with security checking with timeout.
Beside kicking out user when idling like 1 min, refresh login session(access token?) after each adapter call.
If better, can refresh login session with a call.

发现:
尝试obtainAccessToken并将其插入WLResourceRequest.
对我来说，它只使用Remember Me Duration而不是Success State Expiration.
但是Remember Me Duration之后，它仍然注销而不更新登录会话.

Finding:
Tried obtainAccessToken and insert that in WLResourceRequest.
To me, it just uses Remember Me Duration instead of Success State Expiration.
But after Remember Me Duration, it still logout without updating login session.

这是 Mobilefirst 8.0会话超时实现的重复 ，因为没有最终解决方案.

This is a duplicate of Mobilefirst 8.0 Session timeout implementation as there is no final solution.

感谢您的帮助

推荐答案

IBM MobileFirst发布了一种特殊类型的令牌，称为刷新令牌"，可以在访问令牌到期时用于获取新的访问令牌.令牌，并且与访问令牌相比，有效期更长.

IBM MobileFirst released special type of token called Refresh token which can be used to obtain a new access token when the access token expires.The refresh tokens are long-lived tokens and remain valid for a longer duration of time compared to access tokens.

启用刷新令牌功能:

可以分别在客户端和服务器端使用以下属性来启用刷新令牌功能.

Refresh token feature can be enabled using the following properties on client side and server side respectively.

client-side property File name.: mfpclient.properties Property name: wlEnableRefreshToken Property value: true 例如， wlEnableRefreshToken=true

client-side property File name.: mfpclient.properties Property name: wlEnableRefreshToken Property value: true For example, wlEnableRefreshToken=true

服务器端属性 档案名称:server.xml 属性名称:mfp.security.refreshtoken.enabled.apps 属性值:应用程序捆绑包ID，以;"

server-side property File name: server.xml Property name: mfp.security.refreshtoken.enabled.apps Property value: application bundle id separated by ‘;’

例如，

        <jndiEntry jndiName="mfp/mfp.security.refreshtoken.enabled.apps" value='"com.sample.android.myapp1;com.sample.android.myapp2"'/>

为不同的平台使用不同的捆绑软件ID.

Use different bundle ids for different platforms.

有关更多详细信息，请参阅:刷新令牌

For more details, refer:Refresh token

注意:此功能可从

NOTE: This feature available from from 8.0.0.0-MFPF-IF201711230641-CDUpdate-01 and only in Android ,soon this feature will be available for iOS as well.

这篇关于Mobilefirst 8通过获取资源/手动触发来延长登录超时的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！