-
July 1st, 2015, 11:48 AM
#1
Reconnection with ARI and one time auth tokens
Hi,
Following the advice from LS js client docs:
The password string will be stored as a JavaScript variable. That is necessary in order to allow automatic reconnection/reauthentication for fail-over. For maximum security, avoid using an actual private password to authenticate on Lightstreamer Server; rather use a session-id originated by your web/application server, that can be checked by your Metadata Adapter.
We're not using any other web server, only LS. We've resorted to implementing special login token that is sent to the client upon receiving correct credentials (that are sent using sendMessage(), in a non authenticated session). Client can then use this token to open a new, authenticated session, by supplying it as a password on connectionDetails.
We want to make this token non reusable, but still allow for automatic reconnection in case of network problems.
How does LS behave in case of the reconnection / reauthentication mentioned in the docs above? Does it supply a new sessionId to Metadata adapter for every new retry? I.e. in our ARI Metadata adapter, can we restrict login tokens to be used only once, or we have to allow reuse of the same token as long as the sessionId is the same?
Tnx,
Dejan
Similar Threads
-
By LS_Developer in forum Client SDKs
Replies: 7
Last Post: June 14th, 2012, 08:35 AM
-
By emiliob in forum Client SDKs
Replies: 12
Last Post: October 14th, 2010, 07:00 AM
-
By k0nan in forum Adapter SDKs
Replies: 1
Last Post: May 12th, 2010, 09:50 AM
-
By cbcrack in forum Adapter SDKs
Replies: 3
Last Post: January 7th, 2008, 09:07 AM
-
By Alessandro in forum Adapter SDKs
Replies: 2
Last Post: July 30th, 2007, 11:29 AM
Tags for this Thread
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
All times are GMT +1. The time now is 07:55 AM.
Bookmarks