Hyland Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Tomcat sessions and Alfresco tickets, is it the same ?

zomurn
Champ in-the-making
Champ in-the-making

‎02-26-2009 08:01 AM

Hello,

I would say no because I have a problem with that :

I'd like to prevent two connections of the same user in alfresco.
For this, in the login() method I check all tickets with :

Set<String> lTickets = authenticationServiceImpl.getUsersWithTickets( true );

If the user who attempt to login has the login present in the "lTickets" returned set. I refuse to log the person in alfresco.
This works.
The problem arrives when the end user (very end) close the windows directly.
Then the unique way to kill the session is with tomcat parameter in web.xml "session-timeout".
But waiting the session to be killed thanks tomcat so that the user can connect again doesn't always work but sometimes.
So can you help me to kill the user session (or check to double login) when the user close navigator (without clicking logout).

Thanks
Labels:
0 Kudos
3 REPLIES 3

zomurn
Champ in-the-making
Champ in-the-making

‎02-26-2009 08:12 AM

I saw the method public void setOneOff(boolean oneOff) in InMemoryTicketComponentImpl which might be interesting….
..I just tested, but this method doesn't prevent double login Smiley Sad
0 Kudos

zomurn
Champ in-the-making
Champ in-the-making

‎02-26-2009 10:13 AM

In fact, we don't have to touch at tomcat session. Parameters need to be set inside the XML file directly authentication-services-context.xml :

<!– The ticket component.                                              –>
    <!– Used for reauthentication                                          –>
    <bean id="ticketComponent" class="org.alfresco.repo.security.authentication.InMemoryTicketComponentImpl">
        <property name="ticketsCache">
            <ref bean="ticketsCache"/>
        </property>
        <!– The period for which tickets are valid in XML duration format. –>
        <!– The default is P1H for one hour.                               –>
        <property name="validDuration">
            <value>P20M</value>
        </property>
        <!– Do tickets expire or live for ever?                            –>
        <property name="ticketsExpire">
            <value>true</value>
        </property>
        <!– Are tickets only valid for a single use?                       –>
        <property name="oneOff">
            <value>false</value>
        </property>
    </bean>

The problem is that, setting like this below, means after 20 minutes of inactivity or activity and *not* only inactivity, the ticket (= session) is expired.

  <property name="validDuration">
            <value>P20M</value>
        </property>
        <!– Do tickets expire or live for ever?                            –>
        <property name="ticketsExpire">
            <value>true</value>
        </property>
0 Kudos

zomurn
Champ in-the-making
Champ in-the-making

‎02-26-2009 10:18 AM

Exactly my problem here :

https://issues.alfresco.com/jira/browse/ETWOONE-74
0 Kudos
Getting started

Tags

Find what you came for

We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.

Copyright © 2025 Khoros, LLC