Token Caching and Sharing, Single Sign On Among Services II: token life time

1. The client can request for the life time of an issued token through configuration with a subelement LifeTime of PreConfiguredSTS:


<t:PreConfiguredSTS xmlns:t="http://schemas.sun.com/ws/2006/05/trust/client"
shareToken="true">
<t:LifeTime>3600</LifeTime>
</t:PreConfiguredSTS>

or programmatically with STSIssuedTokenConfiguration:


config.getOtherOptions().put(STSIssuedTokenConfiguration.LIFE_TIME, Integer.valueOf(3600));

The value is used to construct the Lifetime element in the RST to the STS:


<trust:Lifetime>
<wsu:Created xmlns:wsu="...">2007-10-31T18:39:23.548Z</wsu:Created>
<wsu:Expires xmlns:wsu="...">2007-11-01T02:39:23.548Z</wsu:Expires>
</trust:Lifetime>

2. By default, an exception is thrown if the token cached to be used on the client side is expired.

3. You can enable to automatically request for a new token for an expired token by configuration
with attribute renewExpiredToken in PreConfiguredSTS:


<t:PreConfiguredSTS xmlns:t="http://schemas.sun.com/ws/2006/05/trust/client"
shareToken="true"
renewExpiredToken="true">
<t:LifeTime>3600</LifeTime>
</t:PreConfiguredSTS>

or programmatically with STSIssuedTokenConfiguration:


config.getOtherOptions().put(STSIssuedTokenConfiguration.RENEW_EXPIRED_TOKEN, "true");

Comments:

Post a Comment:
  • HTML Syntax: NOT allowed
About

Jiandong Guo

Search

Categories
Archives
« April 2014
SunMonTueWedThuFriSat
  
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today