FORUM PLAN UPDATE
Date revision: This forum will remain open to new posts and responses until December 1, 2018. (After that date, you will still be able to view and search the forum.) Also, we're taking a second look at the best place to host future conversation. For now, keep using this forum, and stay tuned for more news.



May 16, 2011, 5:04 AM
57 Posts

Verify user password from domino Directory + manually generate LtpaToken problem

  • Category: Other
  • Platform: Windows
  • Release: 8.5.2
  • Role: Developer
  • Tags: LtpaToken
  • Replies: 3
 
this issue is not specific for Xpages, but since I invoke the function from a .xsp , so maybe I should post the question here
 
My goal is programtically adding a domino user in a external domino directory, then automatically log in this user by generating a LtpaToken using this users shortName or internetAddress
 
souce code that I use for creating a LtpaToken comes from here
http://www.dominoexperts.com/de/forum.nsf/0/0F09C3686D929539C12572DD003EA8EB
 
The issue I am facing is:
After creating a new user in external directory, if I use a xhr.post for log in, it works

dojo.xhrPost({
     url: '/names.nsf?login',
     content: {
        "username" : userName,
        "password" : password   
     }) 
 
but if I try to generate a token manually for this user, even though user becomes "log in" user immediately, Domino could not identify this user as a real user at the beginning, untill 50 to 60 seconds pass by.
--------------
com.ibm.designer.runtime.directory.impl.DirectoryUserImpl user = (com.ibm.designer.runtime.directory.impl.DirectoryUserImpl) o;
user.getFullName()  
user.getMail()
 
fullname and mail returns null within the first minute
--------------
 
so the log in process with xhr.post must have a extra step more than generating the  LtpaToken, so the log in user is really regonized as a real domino user immediately (not after 50-60 seconds)
my question is, what is that extra step? 
(new user is added,  hashPassword, verifyPassword works.....log in with xhrpost works, but log in with token delays by more or less one minute)
(People and User View are refreshed as well before generating the token)

regards
wei
 
 
May 16, 2011, 1:27 PM
170 Posts
Re: Verify user password from domino Directory + manually generate LtpaToken problem
Try to set the http password using the administration process then it should work better.
My experience is that if you add users you need to send some kind of request using the Adminp to  
update the cache also.  
 
Thanks 
Fredrik 
May 16, 2011, 5:15 PM
57 Posts
Re: Verify user password from domino Directory + manually generate LtpaToken problem
Hi Fedrik
My goal is actually trying to simulate the log in/out process programmatically without using the admin panel.........refreshing the admin panel is not really what I want.
 
 
I made it work by refreshing all the views  in domino directory before generating token, then I tried to find out which views are essesntial ones, in odd number, even number, from 1 to 30, 1 to 35...........and so on....but seems still need to refresh all........

 my colleges told me its not a good way to simulate the login/out process programmtically.......but he could not really justify why.......now the login/out process is invoked in xpages using sessionAsSigner.........wonder if its safe to use sessionAsSigner accessing sensitive data like domino directory,,,,,,,
May 17, 2011, 12:49 PM
170 Posts
Re: Verify user password from domino Directory + manually generate LtpaToken problem
Always handle extra rights with care. 
 
/Fredrik 
 
 

FORUM PLAN UPDATE
Date revision: This forum will remain open to new posts and responses until December 1, 2018. (After that date, you will still be able to view and search the forum.) Also, we're taking a second look at the best place to host future conversation. For now, keep using this forum, and stay tuned for more news.