Hyland Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

loginticket built in web service

tsgpartner_mui
Champ in-the-making
Champ in-the-making

‎12-19-2007 06:14 PM

I was wondering how the loginticket built-in web script works.


Just by playing with it, I'm not quite sure what it is doing behind the scenes.  Correct me if I'm wrong.   But to my understanding, it calls two different methods - delete and get.  Both Having the same exact url, I believe the loginticket.delete.desc.xml is calling the loginticket.get.desc.xml to get the ticket which was entered in the url by the user, and then it deletes that ticket, which finally gives the user a 404 error, "ticket not found."


So for instance, I used the "login" built-in web service to establish a ticket.  Then, I used that ticket to be passed into the loginticket url.  When I tested this out with different users and passwords and with /alfresco/service/ or /alfresco/wcservice, I got mixed results.  Sometimes using the loginticket service, I was given the 404 error, which is suppose to happen, since to my understanding, thats the message to know that you have deleted the session.   And then, sometimes it would result to the ticket displayed in the xml ftl response template, which would mean, it didnt get deleted, but its still valid, right?  What I think is the cause could be the user I was logged as into in alfresco…



Anyway, what I want to do is to have two services that uses javascript:

1) would check if a particular session is still valid and

2) delete a particular session.   Again, to my understanding, the delete session ticket is already provided built in. 

And what I thought I could do is use the code similar to the "get" part of the loginticket service, but call the service with a different url like: 

/sample/validate/ticket/{ticket}


But that didn't seem to work, giving me a 500 error stating a line of code in my xml ftl is undefined.  The ftl file is basically the same as the loginticket.get.xml.ftl




Any input would be appreciated.

Thanks.
Labels:
0 Kudos
15 REPLIES 15

tsgpartner_mui
Champ in-the-making
Champ in-the-making

‎12-21-2007 05:17 PM

actually searchin through some prior forum posts, i might need to call teh loginticket.delete through java.  because the delete service doesnt work in my opinion.  i will have to play with this.
0 Kudos

tsgpartner_mui
Champ in-the-making
Champ in-the-making

‎01-10-2008 12:46 PM

for the loginticket.get and loginticket.delete web scripts,


SInce these scripts are java-backed, Is there documentation of the java source files these scripts refer to?  I'm curious to see how the code works for each one.  I tried looking for it in alfresco and the wiki.



Thanks
0 Kudos

davidc
Star Contributor
Star Contributor

‎01-10-2008 01:16 PM

This is all documented in the WIKI - I suggest you take some time to learn the conventions for tying a java class to a web script.

http://wiki.alfresco.com/wiki/Web_Scripts#Java-backed_Web_Scripts

For a given Web Script you can get everything you need to know about it via the following Alfresco server URL…

http://localhost:8080/alfresco/service/script/{serviceId}

where

{serviceId} = the full id of the web script

e.g. for login.get, use

http://localhost:8080/alfresco/service/script/org/alfresco/repository/loginticket.get

This will tell you the backing java class amongst other things.

e.g.


Get Login Ticket

Authentication:   user
Transaction:   required
Method:   GET
URL Template:   /api/login/ticket/{ticket}
Format Style:   any
Default Format:   xml
Implementation:   class org.alfresco.repo.web.scripts.bean.LoginTicket


You can also look in web-scripts-application-context.xml for the web script  bean definition and implementation class.
0 Kudos

tsgpartner_mui
Champ in-the-making
Champ in-the-making

‎01-10-2008 01:29 PM

If you didnt check the other discussion I was having with you in the other forum, I was able to bind my webscript succesfully.


And I have looked at the web-scripts-application-context.xml before.



I was looking for the java code/jar file that runs these files?  I know they're built in but is the code available to look at
0 Kudos

davidc
Star Contributor
Star Contributor

‎01-10-2008 01:42 PM

From the front page of the WIKI http://wiki.alfresco.com/wiki/

Source Downloads

    * Alfresco SDK  http://wiki.alfresco.com/wiki/Alfresco_SDK
    * Subversion Access  http://wiki.alfresco.com/wiki/Alfresco_SVN_Development_Environment
    * Browse SVN Head  http://svn.alfresco.com/repos/alfresco-open-mirror

Whichever of the above you choose, search for the file called LoginTicket.java
0 Kudos

tsgpartner_mui
Champ in-the-making
Champ in-the-making

‎01-10-2008 06:26 PM

Thank you, that's what I am looking for.



I don't know if you read the earlier post (the first one I posted here) in this forum.  Maybe you can provide your insight.


How does the loginticket.get and loginticket.delete work?  Still confused.  Do they work together? or seperately?  Seems like they work together because for delete to work, it has to use a 'get' method… not sure however



I'm trying to test out it but doesn't give me the results I'm looking for.

For example, referring to the java code, one of the first checks is to see if someone entered a ticket, so it should return a bad request, "Ticket Not Specified".  However when testing, it returns  a 404, Ticket not found, when you do not provide one.


I might be getting confused, since hitting the webscripts through URL, you're already logged in alfresco as an user.  Are there more than one session?  Please help clarify.

For example, I'm logged as admin in alfresco and using the login web script, I have a ticket from passing u=admin, pw=admin.

But when I try to delete that  ticket, it returns the same ticket in xml format response. 

Then I try to delete a ticket which was provided from passing through a different user and password (from login web script) than 'admin'.  The result is that I get a 404, ticket not found.  And if delete is successful, shouldn't there be a status message stating "Deleted Ticket" + provided Ticket" ???  I have not ever seen this message yet in my testing.
0 Kudos

davidc
Star Contributor
Star Contributor

‎01-11-2008 04:53 AM

Please provide the exact set of urls you're issuing - then we can attempt to reproduce.

Also, please provide whether you're using a browser or java or some other client for your own testing.
0 Kudos

tsgpartner_mui
Champ in-the-making
Champ in-the-making

‎01-11-2008 10:28 AM

Testing simply with a browser, firefox.

TEST A
1.  Login with admin: http://localhost:8080/alfresco/service/api/login?u=admin&pw=admin

result: <ticket>TICKET_a2148fee37e8cb2c274a2e4f81c390d9ea2523ee</ticket>


2. Delete ticket:
http://localhost:8080/alfresco/service/api/login/ticket/TICKET_a2148fee37e8cb2c274a2e4f81c390d9ea252...

result: <ticket>TICKET_a2148fee37e8cb2c274a2e4f81c390d9ea2523ee</ticket>


TEST B
1. Login with user 'mark':
http://localhost:8080/alfresco/service/api/login?u=mark&pw=demo

result: <ticket>TICKET_dfe6f3e43362f17daa81f36587899c1fab9383ba</ticket>


2.  Delete ticket:
http://localhost:8080/alfresco/service/api/login/ticket/TICKET_dfe6f3e43362f17daa81f36587899c1fab938...

result:

<response>
−
   <status>
404

<name>Not Found</name>
<description>Requested resource is not available.</description>
</status>
<message>Ticket not found</message>
<exception/>
<callstack>
  </callstack>
<server>Alfresco Enterprise Network v2.1.1 (164) schema 76</server>
<time>Jan 11, 2008 9:23:14 AM</time>
</response>



TEST C
(test for check "Ticket not specified")
1. http://localhost:8080/alfresco/service/api/login/ticket/

result:

<response>
−
   <status>
404

<name>Not Found</name>
<description>Requested resource is not available.</description>
</status>
<message>Ticket not found</message>
<exception/>
<callstack>
  </callstack>
<server>Alfresco Enterprise Network v2.1.1 (164) schema 76</server>
<time>Jan 11, 2008 9:33:24 AM</time>
</response>
0 Kudos

davidc
Star Contributor
Star Contributor

‎01-11-2008 11:36 AM

TEST A 2. Delete ticket:
http://localhost:8080/alfresco/service/api/login/ticket/TICKET_dfe6f3e43362f17daa81f36587899c1fab938...

This is not deleting the ticket, it's just getting it.  The browser issues HTTP GET requests.  If you want to mimick a DELETE request via the browser, you can append the url argument

alf_method=DELETE

TEST B 2. Delete ticket:
http://localhost:8080/alfresco/service/api/login/ticket/TICKET_dfe6f3e43362f17daa81f36587899c1fab938...

Again this is not a delete.  However, were you asked to login.  If so, did you enter TICKET_dfe6f3e43362f17daa81f36587899c1fab9383ba into the username of the login box (password is left blank).  If not, then you'll get a not found for the ticket, as the get ticket web script only allows the owner to see it.  The delete ticket web script behaves the same way.
0 Kudos
Getting started

Tags

Find what you came for

We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.

Copyright © 2024 Khoros, LLC