Hi Team,
We are following encapsulated login token mechanism. We have to extend the login-token expiration time before it expires (before an hour). As per the article https://helpx.adobe.com/in/experience-manager/kb/login-session-refresh-not-working.html encapsulated token login mechanism did not support token refresh(org.apache.jackrabbit.oak.security.authentication.token.TokenConfigurationImpl).Please let me know how to do it programmatically. We are using AEM 6.5.
Thank you,
AryA.
Solved! Go to Solution.
Views
Replies
Total Likes
You can follow and can extend the login-token expiration time programmatically in AEM by updating the cq.authTokenValidity property in the TokenAuthenticationHandler OSGi configuration. Here are the steps:
you can programmatically update the cq.authTokenValidity property using the org.osgi.service.cm.ConfigurationAdmin OSGi service. Here is an example code snippet that demonstrates how to update the cq.authTokenValidity property:
@Component
@Service
public class TokenExpirationTimeUpdater {
@Reference
private ConfigurationAdmin configAdmin;
public void updateTokenExpirationTime(int newExpirationTimeInSeconds) {
try {
Configuration config = configAdmin.getFactoryConfiguration("org.apache.sling.auth.core.impl.TokenAuthenticationHandler", null);
Dictionary<String, Object> properties = config.getProperties();
properties.put("cq.authTokenValidity", newExpirationTimeInSeconds);
config.update(properties);
} catch (IOException e) {
// Handle exception
}
}
}
This code creates a new OSGi configuration for the TokenAuthenticationHandler with the new expiration time specified in the cq.authTokenValidity property. The ConfigurationAdmin service is used to retrieve and update the configuration. Note that you will need to have the appropriate permissions to update the OSGi configuration programmatically.
You can follow and can extend the login-token expiration time programmatically in AEM by updating the cq.authTokenValidity property in the TokenAuthenticationHandler OSGi configuration. Here are the steps:
you can programmatically update the cq.authTokenValidity property using the org.osgi.service.cm.ConfigurationAdmin OSGi service. Here is an example code snippet that demonstrates how to update the cq.authTokenValidity property:
@Component
@Service
public class TokenExpirationTimeUpdater {
@Reference
private ConfigurationAdmin configAdmin;
public void updateTokenExpirationTime(int newExpirationTimeInSeconds) {
try {
Configuration config = configAdmin.getFactoryConfiguration("org.apache.sling.auth.core.impl.TokenAuthenticationHandler", null);
Dictionary<String, Object> properties = config.getProperties();
properties.put("cq.authTokenValidity", newExpirationTimeInSeconds);
config.update(properties);
} catch (IOException e) {
// Handle exception
}
}
}
This code creates a new OSGi configuration for the TokenAuthenticationHandler with the new expiration time specified in the cq.authTokenValidity property. The ConfigurationAdmin service is used to retrieve and update the configuration. Note that you will need to have the appropriate permissions to update the OSGi configuration programmatically.
Hi @Jagadeesh_Prakash ,
We have a different requirement. We have to extend the token which is already created. For example, user logged in and login-token is generated and it has a lifespan of 2hours(which we configure in Apache Jackrabbit Oak TokenConfiguration). Just an hour before it's expiration, we have to extend the session to only this token or generate new token by replacing the existing token with the configured expiration time(2 hrs in this case). I think the above shared code will create a new config as you said and it will be applicable to new sessions as well.
We tried TokenConfiguration, TokenInfo API but the token expiration time is not getting extended.
https://jackrabbit.apache.org/oak/docs/security/authentication/tokenmanagement.html
Thank you,
AryA
@Dinu_Arya But in your case it seems the token will not expire any time. Is that expecation correct?