Is there have any API to reset the adapter successStateExpirationSec?

Question

I defined a security check adapter and configured the property which is shown below.

<securityCheckDefinition name="MySecurityTest" class="com.sample.MyTest">
    <property name="successStateExpirationSec" defaultValue="30" description="How long is a successful state valid for (seconds)"/>
</securityCheckDefinition>

The configuration means that when I pass the security check, I can access the protected resource under the scope for 30 seconds. After 30 seconds, the server will force client to logout.

However, no user want their app repeatedly doing validation with high frequency.

We know we can increase the value of successStateExpirationSec, unfortunately, it cannot meet our requirement.

How can I extend the property "successStateExpirationSec" before the time expired and without revalidation ?

score 2 · Accepted Answer · edited Aug 09 '17 at 10:43

2

It is not recommended to update the "SuccessStateExpirationSecond" after setting it and before it expires. I think Logical approach for your usecase is to determine the proper value "SuccessExpirationSecond" and set the properties to that value.

Instead of updating in the SecurityCheckDefinition in adapter.xml, you can also set it programatically by Extending "CredentialValidationSecurityCheck" .

Refer sample here .This allows you to set the default properties value.

edited Aug 09 '17 at 10:43

Vivin K

2,681
1
11
14

answered Aug 08 '17 at 02:46

Kavitha Varadarajan

281
1
8

thanks, how to extend token time while javascript or java adapter method invoked? – DannyYang Aug 10 '17 at 01:39
Please refer https://mobilefirstplatform.ibmcloud.com/tutorials/en/foundation/8.0/authentication-and-security/ on how to access a protected resource with token, In Oauth protocol, the access to a resource happens in 2 phases, first is to "Obtain Access token", whose expiry is set based on the scopes protecting the resource. Second phase is "resource request" with Obtained token from previous phase. – Kavitha Varadarajan Aug 10 '17 at 05:08
I know these 2 phases. We want to know : "Is there any way to reset token expiry time when adapter resource request happens" – DannyYang Aug 10 '17 at 15:23
Nope, this is not possible – Kavitha Varadarajan Aug 11 '17 at 03:13
Thank you Kavitha, Does MobileFirst security framework have refresh token mechanism? – DannyYang Aug 11 '17 at 08:17
2

No , we do not support refresh token mechanism in our Security framework yet. – Kavitha Varadarajan Aug 14 '17 at 03:57
Thank you for your kind assistance. – cnz81 Aug 14 '17 at 06:53

Is there have any API to reset the adapter successStateExpirationSec?

1 Answers1