Hyland Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

java foundation API authentication unsuccessful

reachnjain
Champ in-the-making
Champ in-the-making

‎06-24-2012 10:23 AM

Hi,

I am new to alfresco and this is my first post. I am developing a simple client for my organization as a demo for using alfresco in real projects in the organization.

I am using java foundation API and I already have some success in uploading and searching files. I can login too.

Now the question is this -

Once i login through my client, I am unable to logout. Also, once I login in one browser using my client app, I can open my app in another browser and can upload files without login.

My code is as follows - 


@Override
   public String authenticate(String username, String password) {
      AuthenticationService authenticationService = serviceRegistry
            .getAuthenticationService();
      try {

         authenticationService
               .authenticate(username, password.toCharArray());
         String ticket = authenticationService.getNewTicket();
         authenticationService.validate(ticket);
         LOGGER.info("successful login - " + username);
         return ticket;
      } catch (AuthenticationException ex) {
         throw new AuthenticationFailException(LOGIN_FAILED, ex);
      }

   }

   @Override
   public void logout(String username, String ticket) {
      AuthenticationService authenticationService = serviceRegistry
            .getAuthenticationService();
      try {
//         LOGGER.debug("current ticket(before logout) = " + ticket);

         if (authenticationService.authenticationExists(username)) {
            authenticationService.invalidateTicket(ticket);
            authenticationService.invalidateUserSession(username);
         }
//         LOGGER.debug("Authentication exists after logout ="
//               + authenticationService.authenticationExists(username));
//         LOGGER.debug("current ticket(after logout)"
//               + authenticationService.getCurrentTicket());
      } catch (AuthenticationException e) {
         throw new InvalidSessionException(INVALID_SESSION, e);
      } catch (AuthenticationCredentialsNotFoundException e) {
         throw new InvalidSessionException(INVALID_SESSION, e);
      }
   }

Also, I think there should be some handle for session, so that I can use it in every request I make to alfresco. Am I right?

Note: I know that i m not logged out because even after calling logout function, I can still upload and search files without next login.

One more question.. What is the use of ticket if we can do login and logout just with username and password?

Waiting for replies…. :?
Labels:
0 Kudos
2 REPLIES 2

reachnjain
Champ in-the-making
Champ in-the-making

‎06-24-2012 10:43 AM

And i have noticed that after logout, if i see ticket, it has a different value than the original value…
0 Kudos

mrogers
Star Contributor
Star Contributor

‎06-24-2012 12:47 PM

The ticket is the thing that identifies you.    After logout you get a new ticket - its a known issue with the logout webscript.

Whether you can have different sessions in each window of a browser is a browser feature, which you may be able to configure in your browser (depends upon which browser you are using)/

You need to post more details.   For example what do you mean by your client?   If you are using remote interfaces of alfresco, which ones?  (WebScripts, WebServices, CMIS,  JCR, RMI, Other?)
0 Kudos
Getting started

Tags

Find what you came for

We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.

Copyright © 2025 Khoros, LLC