• 1 reply
  • Latest Post - ‏2012-10-05T18:24:14Z by MichaelOrtman
17 Posts

Pinned topic Question on Worklight Authentication flow when the session cookie expires

‏2012-10-05T17:42:25Z |
Can you provide the flow shown in Slide 5, when you send the request to protected resource but the session cookie expired or invalid ? What will happen in this situation ?

Will Worklight redirect the user to the login screen of the application and what happen to the application, will WL resubmit the original request and will the application return the original screen where you sent the request ? Or do user have to go to the home screen of the application and redo all the steps.

Also can you provide the flow on slide 5 when you use Web Seal/Tam reverse proxy for authentication between device and WL server ?
  • MichaelOrtman
    35 Posts

    Re: Question on Worklight Authentication flow when the session cookie expires

    Your work light application should automatically redirect to the login screen in the scenario of the session cookie is expired or has become invalid. This is done using a Challenge Handler (see the same authentication concepts training module on Challenge Handlers). Once the user performs a submitSuccess() inside the challenge handler, the request will be resent. Its up to the challenge handler to get the app back where it is supposed to be.
    For your TAM/WebSEAL flow request:

    Unauthenticated request tries to access the protected resource
    TAM/WebSEAL acts as a reverse proxy, and returns a login form if LTPA cookie has expired/invalid.
    Challenge handler detects challenge, collects user credentials and sends them to TAM/WebSEAL
    WebSEAL sets an LTPA cookie and sends login success response back to client.
    Client application automatically reissues the original request
    TAM/WebSEAL forwards request to worklight server, where the Authenticator/Login Module logs in the user based on the LTPA token
    Client receives original request's response from worklight server through TAM/WebSEAL
    Topology looks something like this:

    Hope this helps,
    Mike Ortman