Previously I had a problem that my UCWA application expired after some time. As a solution to this problem, I found out that I should make a request every now and then to keep it alive. I decided to set an interval and request the reportMyActivity resource every 3 minutes.

However, no matter what, my application always expires after 1 hour. Is there any solution to this? Alternatively, what is the recommended way of re-creating the application without leaving the website using the sample libraries?

Thanks.

leopik
  • When you say expires after 1 hour, do you mean that any request after that time frame results in a 404 on previously known resources? Are you executing a GET request on the events channel? If so, are you seeing any data when the application expires? – ShelbyZ May 04 '15 at 13:24
  • By expiration I mean 401 Unauthorized ... and now that you mentioned it I think it is not a problem with UCWA but with the authentication. Either way, if I keep reporting my activity every 3 minutes, will my application ever expire (will my access token expire after 8 hours)? Do I need to report my activity to keep the application alive or is it enough to simply listen on the event channel and therefore make requests every now and then (max 10 min interval)? By the way, I'm using passive authentication to authenticate. – leopik May 04 '15 at 14:15
  • The request to reportMyActivity is how you are supposed to keep an application alive for its token duration which happens to be 8 hours. After 8 hours requests to any resource should result in 401/404 indicating the token expired and the application has been reclaimed. Listening on the event channel is not enough to keep an application alive. I feel like it is a combination of reportMyActivity/event channel listening that 'should' keep an application alive. – ShelbyZ May 04 '15 at 14:47
  • The error from server is 401 Unauthenticated - The web ticket has expired. Does this mean the access token? – leopik May 04 '15 at 15:13
  • That would be correct, what duration value are you seeing when you get the original response for the token? You should interpret that value as seconds until the token expires. – ShelbyZ May 04 '15 at 15:29
  • Actually I get some "random" values. After refreshing website (and therefore recreating application) a few times, these are the values of `expires_in` from the `/WebTicket/oauthtoken`: 3300, 5178, 2318, 4179 – leopik May 05 '15 at 13:31
  • That does indicate that the token is only active for 38.6 - 86.3 minutes. – ShelbyZ May 06 '15 at 13:03

1 Answer

The time at which the token expires is not entirely relevant; what is important is the 401 Unauthorized indicating that the token has expired. In that failed request there should be one (or two) WWW-Authenticate headers which can be used to point at where to get the next token. You may consider altering the logic responsible for sending requests to UCWA to reflect something like the following:

  1. Send Request
  2. Check Response status code
  3. If 401...
    • Check WWW-Authenticate header and re-issue authentication request(s)
    • Store token and proceed back to step #1
  4. Process Response

This way the application would not need to keep track of the expiry time of the token and could lazily retrieve a new one once it encounters the 401.

ShelbyZ
  • In the 401 response I have the default 401 HTML page and there is no WWW-Authenticate header, however, I'm following the structure that you described (send request, get 401, reauthenticate, resend request, process response) so thank you for the answer. – leopik May 06 '15 at 14:21
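
The request loop from the answer above, written out as an added example (not code from the answer, the comments or the UCWA sample libraries). The names `createClient`, `send`, `authenticate` and `fallbackTokenUrl`, the lowercase-keyed response headers, and the same-origin check on the challenge URL are assumptions; the fallback covers the missing-header case from the last comment.

```javascript
// Added example: createClient, send, authenticate and fallbackTokenUrl are hypothetical names.
// Pull the token endpoint out of a WWW-Authenticate challenge, or null if absent.
function parseChallenge(header) {
  const m = /href="([^"]+)"/.exec(header || "");
  return m ? m[1] : null;
}

// send(req, token)       -> Promise<{ status, headers, body }>  (headers keyed in lowercase)
// authenticate(tokenUrl) -> Promise<string>                     (resolves to a fresh token)
function createClient({ send, authenticate, fallbackTokenUrl, maxReauth = 1 }) {
  let token = null;
  let pending = null; // one shared re-authentication for all requests that hit 401 together

  function reauth(res) {
    if (pending) return pending;
    // The header can be missing (see the last comment), so fall back to the known endpoint.
    const url = parseChallenge(res.headers["www-authenticate"]) || fallbackTokenUrl;
    // Assumption: credentials may only go to the origin configured up front.
    if (new URL(url).origin !== new URL(fallbackTokenUrl).origin) {
      throw new Error("challenge points at an unexpected origin: " + url);
    }
    pending = authenticate(url)
      .then((t) => { token = t; })
      .finally(() => { pending = null; });
    return pending;
  }

  return async function request(req) {
    for (let attempt = 0; ; attempt++) {
      const used = token;
      const res = await send(req, used);               // 1. send request
      if (res.status !== 401) return res;              // 2. check status, 4. process response
      if (attempt >= maxReauth) throw new Error("still 401 after re-authentication");
      if (used === token) await reauth(res);           // 3. re-authenticate, store token, retry
    }
  };
}
```

The `maxReauth` cap stops a persistent 401 (for example, revoked credentials) from turning into an endless login loop.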