ibm-mobilefirstworklight-adaptersmobilefirst-adaptersworklight-security

Is there have any API to reset the adapter successStateExpirationSec?


I defined a security check adapter and configured the property which is shown below.

<securityCheckDefinition name="MySecurityTest" class="com.sample.MyTest">
    <property name="successStateExpirationSec" defaultValue="30" description="How long is a successful state valid for (seconds)"/>
</securityCheckDefinition>

The configuration means that when I pass the security check, I can access the protected resource under the scope for 30 seconds. After 30 seconds, the server will force client to logout.

However, no user want their app repeatedly doing validation with high frequency.

We know we can increase the value of successStateExpirationSec, unfortunately, it cannot meet our requirement.

How can I extend the property "successStateExpirationSec" before the time expired and without revalidation ?


Solution

  • It is not recommended to update the "SuccessStateExpirationSecond" after setting it and before it expires. I think Logical approach for your usecase is to determine the proper value "SuccessExpirationSecond" and set the properties to that value.

    Instead of updating in the SecurityCheckDefinition in adapter.xml, you can also set it programatically by Extending "CredentialValidationSecurityCheck" .

    Refer sample here .This allows you to set the default properties value.