0

I am currently testing a web application deployed on IBM Websphere Application Server. I understand that I can set the LTPAToken timeout via the console configuration. However, is there any way I can retrieve the timeout duration or a listener in JAVA to indicate that the ltpatoken has expired?

Sebastian
  • 63
  • 7
  • The general duration or for the individual ltpa token? The general setting should be retrievable through wsadmin (script or java code) but I don't know exactly how that value is retrieved. For the individual token, can you get the expiry from the ltpa token cookie? – DanielBarbarian Dec 08 '17 at 07:54
  • Hi, I am looking at both actually. I went through the available methods for the ltpatoken cookie and I can only retrieve max age which I don't think is the timeout duration. – Sebastian Dec 08 '17 at 08:08
  • But every cookie should have an expiry set on it. Or maybe the expiry is set to something else. – DanielBarbarian Dec 08 '17 at 08:23
  • Yes i agree with that point as well. It's just that i have no clue on how to retrieve that value :( – Sebastian Dec 08 '17 at 08:48
  • I would look at Gas answer! – DanielBarbarian Dec 08 '17 at 12:38

2 Answers2

0

You can get the token expiration time in your Java code like this (this will give you credential expiration time)

   Subject callerSubject = WSSubject.getCallerSubject();
   Set<WSCredential> credentials = callerSubject.getPublicCredentials(WSCredential.class);

   // should contain only one credential
   int credSize = credentials.size();
   if( credSize != 1)
        throw new RuntimeException("Invalid credential number: "+credSize);
    WSCredential cred = credentials.iterator().next();
    System.out.println("getExpiration: " + cred.getExpiration()+" date: " + new Date(cred.getExpiration()) + "<BR>");

if you are interested in particular in ltpatoken, you need to extend it a bit (but probably credential will be enough for you):

Set tokens = callerSubject.getPrivateCredentials();

for (Object o : tokens) {
    if(o instanceof SingleSignonToken) {
        SingleSignonToken ssoToken = (SingleSignonToken)o;
        System.out.println("getName: " + ssoToken.getName()+"<BR>");
        if("LtpaToken".equals(ssoToken.getName())){
            System.out.println("getExpiration: " + ssoToken.getExpiration()+"<BR>");
        }
    }
}
Gas
  • 17,601
  • 4
  • 46
  • 93
0

The SingleSignonToken's getExpiration() method returns the expiration time in milliseconds. You can do something like this,

ssoToken.getExpiration() - System.currentTimeMillis();

to find out how much time this token has left. Or, you can call the isValid() method that will do that for you.

Teddy J. Torres
  • 51
  • 4