cancel
Showing results for 
Search instead for 
Did you mean: 

Refresh Api Authentication Ticket

v_giannini
Champ in-the-making
Champ in-the-making

Hi all,

I'm integrating alfresco rest-api, using alfresco latest version, as DMS services for external web applications.

I'm experiencing some troubles about authentication, the question is this:

How I can refresh an expired authentication ticket for rest api wihout executing e new  /tickets post passing username and password?

Web applications in accord with GDPR cannot store user passwords and without a refresh service I'm not able to guarantee the validity of an authentication ticket requested by external web applicatrion at login time.

The typical scenario could be this:

The user logins the external web application, in the same time the application executes a /ticket post to obtain an authentication ticket.

Supposing in alfresco is configured a 10 minutes ticket validity time, if the user navigates the external web application for 11 minutes and then executes an action to obtain for example his user home folder list, the ticket obtained by the application for alfresco at login time will be not valid anymore, I need to refresh it such as oauth protocol does passing the expired ticket and obtaining a new one but I don't see any rest endpoint in the rest api explorer to do it. It seems that the only way is to execute a new /tickets call but once a user is logged in the application cannot store the (clear) user password.

I'm really in trouble please help me Smiley Sad

1 ACCEPTED ANSWER

abhinavmishra14
World-Class Innovator
World-Class Innovator

Hi Vincenzo

One quick turnaround solution is to increase the time validity for longer time. You could match the session expiry time set on the application which user uses and session would be expired in that application for inactivity. This session expiration time can be equal to the Alfresco ticket validity. 

Set the following property in alfresco-global.properties file:

authentication.ticket.validDuration=PT2H

This example shows the validity is set to 2 hours. 1 hour is the default setting 

There is another case here, if you want to see it:  

https://community.alfresco.com/thread/182531-how-to-get-alfresco-ticket-session-expiration-time

Another solution is to get rid of the dependency on ticket. Implement SSO instead and let SSO takes care of authentication etc. This would take some time to fix the issue until implementation. But you don’t have to be dependent on the alf_ticket.

~Abhinav
(ACSCE, AWS SAA, Azure Admin)

View answer in original post

3 REPLIES 3

abhinavmishra14
World-Class Innovator
World-Class Innovator

Hi Vincenzo

One quick turnaround solution is to increase the time validity for longer time. You could match the session expiry time set on the application which user uses and session would be expired in that application for inactivity. This session expiration time can be equal to the Alfresco ticket validity. 

Set the following property in alfresco-global.properties file:

authentication.ticket.validDuration=PT2H

This example shows the validity is set to 2 hours. 1 hour is the default setting 

There is another case here, if you want to see it:  

https://community.alfresco.com/thread/182531-how-to-get-alfresco-ticket-session-expiration-time

Another solution is to get rid of the dependency on ticket. Implement SSO instead and let SSO takes care of authentication etc. This would take some time to fix the issue until implementation. But you don’t have to be dependent on the alf_ticket.

~Abhinav
(ACSCE, AWS SAA, Azure Admin)

How do I mention Minutes.

For testing purpose I need to set around 5min.

Could you please let us know.

Thanks

Rudresh

@Rudresh-Nagaraj 

You can use following (notice the 'M'):

authentication.ticket.validDuration=PT5M

----------------------------------------
This is how time duration formats PT<number><timeDuration> Look like:

PT2S - 2 seconds 

PT2M - 2 minutes 

PT2H - 2 hours

PT2H30M - 2 hours 30 minutes 

PT2D - 2 days

PT2Y - 2 years 

~Abhinav
(ACSCE, AWS SAA, Azure Admin)