0

How can I have to generate SSO token after crowd login (via rest service) for case when I can use this token for login to crowd? I mean I use

crowdClient.authenticateUser(...)

and after that

crowdClient.authenticateSSOUser

with same credentials (and I tried in reverse order)

I store this token in crowd.token_key session variable, but Crowd doesn't authenticate me by this token.

But if I logged in crowd first my app recognize this token.

I think it should be depends from ValidationFactor, but I don't know which I should to use.

Kara
  • 6,115
  • 16
  • 50
  • 57
beowulf13th
  • 447
  • 1
  • 6
  • 16

1 Answers1

0

I found solution in CROWD source code. You need to generate token with next validation factors:

 List<ValidationFactor> validationFactors = new ArrayList<>();
 validationFactors.add(new ValidationFactor(ValidationFactor.REMOTE_ADDRESS, request.getRemoteAddr()));
 String remoteAddressXForwardFor = request.getHeader(ValidationFactor.X_FORWARDED_FOR);
 if (remoteAddressXForwardFor != null && !remoteAddressXForwardFor.equals(request.getRemoteAddr())) {
     validationFactors.add(new ValidationFactor(ValidationFactor.X_FORWARDED_FOR, remoteAddressXForwardFor));
 }
beowulf13th
  • 447
  • 1
  • 6
  • 16