Hi,

We have made the following changes in store/controllers/top-assets.jag
[1] and store/controllers/logout.jag [2] to get the $subject working. But
we are having an issue while rendering the images in the store. This issue
is not related to the JWT token based login. When the asset-store is
published through AppM, the context gets changed, but the images (banner &
thumbnail) still try to load from the original context.

i.e.
The context given for the asset-store through AppM is *teststore/1.0.0/* :
https://apps.private.wso2.com/*teststore/1.0.0/*
but the banner tries to load as :
https://apps.private.wso2.com/*store*/storage/presentation/2a7749a2-73f2-4a78-816b-950156c6e513/29f45234-8d20-465e-be6b-dd1d5c83d8ae/be96aa329d30f45b4357d45b0d8ad68e.jpg

it should be :
https://apps.private.wso2.com/*teststore/1.0.0/*storage/presentation/2a7749a2-73f2-4a78-816b-950156c6e513/29f45234-8d20-465e-be6b-dd1d5c83d8ae/be96aa329d30f45b4357d45b0d8ad68e.jpg



We need to change the logic in ES to read the context correctly and load
the images. @Chathurika: can you or someone from the team discuss this with
the ES team and get this issue fixed?


[1].

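var Base64 = org.opensaml.xml.util.Base64;
var log = new Log();

// The signed-in user's claims arrive as a JWT in this request header.
var jwtToken = request.getHeader("X-JWT-Assertion");

// NOTE(review): the payload is decoded and trusted without checking the JWT
// signature. That is only sound if the store can be reached exclusively
// through the gateway that sets X-JWT-Assertion, and that gateway drops any
// copy of the header supplied by the client - confirm for this deployment, or
// verify the signature against the gateway's certificate before the
// session.put() calls below.
if (jwtToken != null) {
    var user = require('store').user;
    // A JWT has three '.'-separated sections: header, payload (claims), signature.
    var jwtAssertions = jwtToken.split(".");
    var loggedInUser = null;

    if (jwtAssertions.length !== 3) {
        // Fail closed: without a payload section there is no subject to trust.
        log.warn("Ignoring malformed X-JWT-Assertion header");
    } else {
        try {
            // Section 1 is the Base64-encoded JSON claims object.
            var jsonString = String(new java.lang.String(Base64.decode(jwtAssertions[1])));
            var obj = parse(jsonString);
            loggedInUser = obj.Subject;
        } catch (e) {
            log.warn("Could not decode the X-JWT-Assertion payload: " + e);
        }
    }

    if (loggedInUser) {
        // Log the subject only, at debug level, rather than the whole claims object.
        log.debug("JWT based login for subject : " + loggedInUser);

        session.put("LOGGED_IN_USER", loggedInUser);
        session.put("server.user", loggedInUser);
        // Key spelling kept as-is; presumably read elsewhere under this exact name - verify.
        session.put("Loged", "true");
        // Lets logout.jag tell a JWT login apart from a SAML2 login.
        session.put("JWT_LOGIN", "true");
        user.permitted(loggedInUser, session);
    } else {
        // No usable subject: leave the session untouched so the request stays unauthenticated.
        log.warn("X-JWT-Assertion carried no usable Subject claim; login skipped");
    }
}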


[2].

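<%
/*
 * Logout controller.
 *  - no signed-in user: redirect to the store
 *  - JWT based login (JWT_LOGIN set by top-assets.jag): invalidate the local
 *    session and redirect to the store
 *  - otherwise: render an auto-submitting form that posts a SAML2 logout
 *    request to the identity provider
 *
 * NOTE(review): '/store' is hard-coded in both redirects and in relayState.
 * When the store is published through AppM under another context (the image
 * problem described in this mail), these presumably also point at the
 * original context - confirm and derive them from the request context.
 */
(function () {
    var user = session.get("LOGGED_IN_USER");
    if (user === null) {
        response.sendRedirect('/store');
    } else {
        if (session.get("JWT_LOGIN") != null) {
            // NOTE(review): this ends only the store's own session. If the
            // gateway still sends X-JWT-Assertion on the next request,
            // top-assets.jag signs the user straight back in - confirm that
            // the gateway session is terminated as part of logout.
            session.invalidate();
            response.sendRedirect('/store');
        } else {
            var config = require('/config/store.js').config(),
                sso = require('sso'),
                sso_sessions = application.get('sso_sessions'),
                sessionId = session.getId(),
                encodedSAMLLogoutRequest = sso.client.getEncodedSAMLLogoutRequest(
                    user, sso_sessions[session.getId()], config.ssoConfiguration.issuer),
                relayState = '/store',
                // Must stay one expression: a ';' after "https://" would end the
                // declaration and leave postUrl without host and port.
                postUrl = "https://" + process.getProperty('server.host') +
                    ":" + process.getProperty('https.port');

            var log = new Log();

            log.debug("store session index : " + sso_sessions[session.getId()]);

            // The three values written into the form below are generated on
            // the server. Assumes <%= %> does not HTML-encode its output -
            // confirm, and encode any value that ever becomes request-derived.
        %>
        <div>
           <p>You are now redirected to Stratos Identity. If the
           redirection fails, please click the post button.</p>

            <form id="logoutForm" method="post" action="<%=postUrl%>/admin/samlsso">
            <p>
                <input type="hidden" name="SAMLRequest"
                      value="<%= encodedSAMLLogoutRequest %>"/>
                <input type="hidden" name="RelayState" value="<%= relayState %>"/>
                <input type="hidden" name="SSOAuthSessionID" value="<%= sessionId %>"/>
                <button type="submit">POST</button>
            </p>
            </form>
        </div>
        <script type = "text/javascript" >
                       document.forms[0].submit();
        </script>

         <%
         }
    }
}());
%>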


Regards,
Dinusha,



-- 
Dinusha Dilrukshi
Senior Software Engineer
WSO2 Inc.: http://wso2.com/
Mobile: +94725255071
Blog: http://dinushasblog.blogspot.com/