5.3.3. Configure token services

The token services configuration includes specifying the token validity period. The token service is configured as a portal component (in the portal scope, as opposed to the root scope - more about that in Foundations chapter).

In the example below, CookieTokenService is a subclass of AbstractTokenService, so it has a property which specifies the validity period of the token.

The token service will initialize this validity property by looking for an init-param named service.configuration.

This property must have three values. 


<component>

  <key>org.exoplatform.web.security.security.CookieTokenService</key>

  <type>org.exoplatform.web.security.security.CookieTokenService</type>

  <init-params>

    <values-param>

(1)      <name>service.configuration</name>

(2)      <value>jcr-token</value>

(3)      <value>7</value>

      <value>DAY</value>

    </values-param>     

  </init-params>

</component>

1

Service name

2

Amount of time

3

Unit of time

In this case, the service name is jcr-token and the token expiration time is one week.

GateIn 3.2 supports four time units:

  1. SECOND

  2. MINUTE

  3. HOUR

  4. DAY

Copyright ©2012. All rights reserved. eXo Platform SAS