[OpenAM] how to build/get the tokenID value for isTokenValid()?

Jean Luc jeanluc2008 at gmail.com
Thu Dec 2 16:02:21 GMT 2010


Hello,

I'm working to integrate OpenAM into an enterprise app. For a specific
feature, I need to check if a user's session is still valid.

I've tried to use http://my.opeam.server/openam/identity/isTokenValid but
keep getting false as a result. I'm not 100% sure I'm passing the right
value and in the right format.

As for the value, I tried with both the value of the iPlanetDirectoryPro
cookie as well as JSESSIONID. I thought it was the former (the examples I
saw on the web for OpenSSO had strings with a similar format).

As for the format, I tried posting:

   - as a form (sent with curl -F) which sends the tokenId as Content-Type:
   multipart/form-data;
   - as a POST (sent with curl -d) which sends the tokenId as Content-Type:
   application/x-www-form-urlencoded
   - as a cookie (sent with curl -b)


curl -v -F
tokenId=AQIC5wM2LY4SfcycPGr41JLH_5JN-MxnwPUjo7Vfwm-XoSQ.*AAJTSQACMDE.*
http://my.sso.server:8080/openam/identity/isTokenValid
curl -v -d
tokenId=AQIC5wM2LY4SfcycPGr41JLH_5JN-MxnwPUjo7Vfwm-XoSQ.*AAJTSQACMDE.*
http://my.sso.server:8080/openam/identity/isTokenValid
curl -v -b
tokenId=AQIC5wM2LY4SfcycPGr41JLH_5JN-MxnwPUjo7Vfwm-XoSQ.*AAJTSQACMDE.*
http://my.sso.server:8080/openam/identity/isTokenValid


In all cases I get boolean=false.

I use 9.5.1 RC2 and will soon be upgrading to 9.5.1

Any advice on what I'm doing wrong is appreciated.

Thank you,
JL
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.forgerock.org/pipermail/openam/attachments/20101202/ca157f2e/attachment.html>


More information about the OpenAM mailing list