Adobe LiveCycle (Archived)

Report · 3/31/11

hi, just a short question regarding the server to server session and authorization (generation of auth key)

so it is a fact that if you do not invalidate a session, you will get the same auth key when using the same session, same username, same role, but for example i invalidate a session using invalidatesession call, will that action disconnect all the currently logged in users?

Report · 3/31/11

i'm just asking this because i'm thinking what is the best way for example for a host who creates a room meeting (lets say using the same room over and over again), but then again, each room meeting must be unique and independent of each other, and so i'm thinking that, if we make the host generate an authentication key when he logs in, then perhaps he can also invalidate currently existing session first, just to make sure that the previous session is gone and to prevent other users who got the old auth key to be able to use it again, something like this code for the host

                AccountManager am = new AccountManager(ConfigurationSettings.AppSettings["accounturl"]);
                am.login(ConfigurationSettings.AppSettings["username"], ConfigurationSettings.AppSettings["password"]);
                am.invalidateSession(am.getSession(ConfigurationSettings.AppSettings["room"]));
                Session session = am.getSession(ConfigurationSettings.AppSettings["room"]);
                Response.Write(session.getAuthenticationToken(ConfigurationSettings.AppSettings["secretkey"], username, username, UserRole.PUBLISHER));

the only difference for other users will be that they will not be able to call the invalidateSession function, so that they can only use the authkey for the current LCCS room session

Raff_ · 3/31/11

You got it exactly right!

The only thing that invalidateSession currently doesn't do is to stop the current room / kick other users out.

There is a way to "close the room" but I am currently "spaced out" (I think you can send a "roomEnded" message to RoomManager, but I need to check the exact node and item)

In theory you should close the room when the host leaves but if your application allows for participants to "stay in" that's fine too.

In this case I would do something like:

- check if the room is running: (call am.getRoomInfo, it will return an error "not-active" if not)

- if not running, the session is already invalidated, but you can call invalidateSession again, just to make sure.

- if running:

send the roomEnded message

invalidate session

It may take a little while (maybe a few seconds) for the users to get kicked out and the room to end, and actually we wait some more time before clearing up all the room info (in order to support a failure and reconnection) so I am wondering if we have a "bug" where in a case like this you create a new session while the room is still considered "active" then the room finally gets disposed (and we invalidate the session). I'll need to check this particular case.

For now I would suggest you also "wake up" the room before creating the new session (you can send another message to RoomManager, I'll post it later how) so that you know that you should have enough time for the host to join the room.

Again, a little cumbersome, but it should only be if the host wants to start a new session while old participants are still in the room. If you do the initial check in most of the cases I would assume you'll get in right away.

Report · 3/31/11

hi Raff, thanks for this very helpful and suggestive answer,

just some other questions, so in here you mentioned "check if the room is running:", when you say room is running, that means that it invalidateSession hasn't been called on the current session yet right?

how can i send that "roomEnded" message to the RoomManager? that will be sent using server code right? and roomManager is com.adobe.rtc.sharedManagers.RoomManager?

another question which might not be directly related but closely related to this one... how can i check if a room is already existing? because as of now, i'm just adding a try catch block within the createRoom function call, catching RTCError. is there any other way to do this?

Again thank you for the answer, this forum is really very helpful and full of ideas, it is really great that those who knows stuffs with LCCS shares whatever they know =)

nzezelj · 3/31/11

For room check API, Raff was referring to AccountManager's getRoomInfo(String room) API.

Adobe LiveCycle (Archived)

server auth key

Learn

Documentation

Community

Support

Resources

Adobe account

Adobe