M
MTBOO
Guest
I think the issue is with switching to using oerealm-basic authentication model and web handlers instead of the REST adapter with PASOE. If I access the back-end business entity (HTTP GET) using the web-handler url, I get a login dialog as expected for secured resources. The HybridRealm is then used which authenticates the user and password against a user table in our database (not _user). I have debugged both the PASOE activate procedure and the HybridRealm class. When I make the request to the URL from the browser, after login dialog, I can see the activate procedure is called several times. The first few have the same unique id in SESSION:CURRENT-REQUEST-INFO:ClientContextId. The same value (integer) then appears in SESSION:CURRENT-REQUEST-INFO:SessionId. There is no valid client-principal object. After 3 or 4 iterations of the above, I see the debug message from the HybridRealm class (at the point of ValidatePassword). Even at this point, the CURRENT-REQUEST-INFO:ClientContextId and SessionId is the same as above. However immediately after the user validation, the activate procedure is called again. This time there is a valid and sealed client principal object. The SESSION:CURRENT-REQUEST-INFO:ClientContextId is 0, SESSION:CURRENT-REQUEST-INFO:SessionId remains as above and Client-Principle-Object:Session-ID is 0.
Continue reading...
Continue reading...