Results 1 to 10 of 17

Thread: validity of auth token

Hybrid View

  1. #1
    Join Date
    Oct 2007
    Posts
    18
    Rep Power
    8

    Default validity of auth token

    Hi,
    1)How to determine the validity of auth token in zimbra on what attrib its based
    2)How zimbra creates auth token based ?

  2. #2
    Join Date
    Aug 2005
    Posts
    1,433
    Rep Power
    12

    Default

    Auth tokens are valid for 12 hours by default. This can be overridden at account/COS level using the zimbraAuthTokenLifetime attribute. (Note that admin tokens use a different default/override.)

    See com.zimbra.cs.account.AuthToken.java for details on how auth tokens are constructed.
    Bugzilla - Wiki - Downloads - Before posting... Search!

  3. #3
    Join Date
    Oct 2007
    Posts
    18
    Rep Power
    8

    Default more enqiry abt auth token

    Once the user gets authenticated thru my own application ,i get the token from my application and now i redirect to Zimbra.
    1)Do i need create Zimbra token for using all the services of Zimbra like eg mail.
    2)what does Zimbra do with the token thet it create in AuthToken.java file.
    I find so many auth token var in Zimbra API's like e_authtoken,than authauthtoken etc.

  4. #4
    Join Date
    Aug 2005
    Posts
    1,433
    Rep Power
    12

    Default

    Look at the documentation for preauth. I think that's what you want.
    Bugzilla - Wiki - Downloads - Before posting... Search!

  5. #5
    Join Date
    Oct 2007
    Posts
    18
    Rep Power
    8

    Default auth token

    Hi,
    Sorry but i think i am not able to express my prob.
    Let me put it again my design.
    1)I have a client which logins in some auth service outside zimbra and returns me token(not a zimbra token) .
    2)next now i am in zimbra after getting token from someother party,now i am using all services of zimbra but i want to use my token instaed of zimbra token.
    3)zimbra uses his own token to run all the applications ie mail etc.
    So do i need to override my token with zimbra token or its not needed.What i want is whenever zimbra tries to validate its token i override that method so that it uses my API' method to check the validity of token.
    Than i looked at the code and Zimbra has a method isExpired() so override that and call my API's method which will tell whether my toke is valid or not.Would this solve my purpose ,wee i am not sure.

    Also i am thinking do i need to change in all places ACCOUNT_STATUS.
    Please help

  6. #6
    Join Date
    Sep 2006
    Posts
    252
    Rep Power
    9

    Default

    I would suggest using your token for your own app and zimbra's for your communication with it.

    Changing the token zimbra uses will require a recompile of zimbra and a lot of testings.

    Another solution is to use zimbra's token for everything.

Similar Threads

  1. Basic SOAP Questions
    By bgibby in forum Developers
    Replies: 13
    Last Post: 01-07-2008, 11:57 AM
  2. [SOLVED] NE Migration: SMTP AUTH Failure
    By markpr in forum Installation
    Replies: 14
    Last Post: 10-03-2007, 01:51 PM
  3. Replies: 3
    Last Post: 08-11-2007, 01:40 PM
  4. tls auth only?
    By rmvg in forum Administrators
    Replies: 16
    Last Post: 10-23-2005, 09:50 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •