Hi. I am interested to know if it is possible to set up a redirect on token expiration in WEB. Right now when the token expires, the user has to re-enter the password on the same server the user is working on.
The iNotes_WA_LogoutRedirect parameter only works if the user clicks logout, but does not work when the token expires.
Hello Moises,
When token expires, authentication needs to be done again. This is how the token expiration works. Without authentication, redirection is not possible.
Thanks and Regards
Niraj V Jani
How is that not possible? That's what anonymous access is for.
That is the question of how to authenticate the user when the token expires on a particular server.
For example. There are 2 servers. 1 is the entry point, the second is the work server. One token is specified for both of them.
After authorization on server 1, the user will be transferred to server 2 to work. However, once the token runs out, I would like to make the user go back to the first server for re-authorization.
Based on the principle of settings domcfg\iwaredir and access Anonumous it should work. The only question is what should be configured?
Hello
When you access protected resources without LTPA token, it is redirected to the login page.
When accessing resources with anonymous access, the resources will be displayed.
If redirection is needed when the login page is displayed in Server2, the login form of Server2 would need to be customized.
I might be able to write html code to redirect to Server1 on the login form in Server2.
Regards,
Shigemitsu Tanaka
Hi. I ended up setting it up myself.
Example. There are 2 servers configured. 1 server is a login point and the second is a work server.
The user connects to the entry point server, authenticates and is forwarded to the work server.
When the token expires, the user will have to log in on the current server. That is, on the work server.
In order for the user to be thrown to the server of the entry point for authorization, it is necessary to add the following piece of code on the “JS Header” method in the domcfg or iwaredir base (depending on the “Sign In Form Mapping” settings in the domcfg.nsf base) on the entry form:
//Address of entry point
var entryPoint="entrypoint.server.com”
//Current address
var currentEntryPoint=window.location.hostname;
//If the current address does not match the entry point address, then substitute the address for the entry point
if(entryPoint != currentEntryPoint){
var fqdn=window.location.href;
fqdn=fqdn.replace(currentEntryPoint, entryPoint);
window.location.href = fqdn;
}
As a result, when the token expires, the user will be thrown to the login page with the specified code, which will redirect the user to the login page.
The script compares the address of the login point and the current server. That is, if the user is already on the login point, no redirects will occur.
In case of end-to-end authorization on the login point server, the user will automatically receive a new token and continue working.
If the entry point works without pass-through authorization, the user needs to enter the password and refresh the page (Press F5 in the browser).
This setting will work for both Verse and iNotes!
However, I would still like it to be possible to configure this moment on the server side. For example, setting “iNotes_WA_TokenExpireRedirect” which would do these manipulations.