Hi Dinusha,

I'll look into that issue.

Thanks,

Best Regards,

Lakshitha Harshan
Software Engineer
Mobile: *+94724423048*
Email: [email protected]
Blog : http://harshanliyanage.blogspot.com/
WSO2, Inc.: wso2.com <http://wso2.com/>
lean.enterprise.middleware.


On Wed, Apr 2, 2014 at 11:19 AM, Dinusha Senanayaka <[email protected]> wrote:

>
>
> Hi,
>
> We have done the following changes in store/controllers/top-assets.jag
> [1] and store/controllers/logout.jag [2] to get the $subject working, but
> we are having an issue while rendering the images in the store. This issue
> is not related to the JWT token based login. When the asset-store is
> published through the AppM, the context gets changed, but the images
> (banner & thumbnail) still try to load from the original context.
>
> i.e
> context given for the asset-store through AppM is *teststore/1.0.0/* :
> https://apps.private.wso2.com/*teststore/1.0.0/*
> but the banner tries to load as :
> https://apps.private.wso2.com/*store*/storage/presentation/2a7749a2-73f2-4a78-816b-950156c6e513/29f45234-8d20-465e-be6b-dd1d5c83d8ae/be96aa329d30f45b4357d45b0d8ad68e.jpg
>
> it should be :
> https://apps.private.wso2.com/*teststore/1.0.0/*storage/presentation/2a7749a2-73f2-4a78-816b-950156c6e513/29f45234-8d20-465e-be6b-dd1d5c83d8ae/be96aa329d30f45b4357d45b0d8ad68e.jpg
>
>
>
> We need to change the logic in ES to read the context correctly and load
> the images. @Chathurika: can you or someone from the team discuss with the
> ES team and get this issue fixed?
>
>
> [1].
>
> var Base64 = org.opensaml.xml.util.Base64;
> var log = new Log();
> var jwtToken = request.getHeader("X-JWT-Assertion");
> if (jwtToken != null) {
>     var user = require('store').user;
>     // JWT header by default contains three '.' separated sections
>     var jwtAssertions = jwtToken.split(".");
>     var jsonString = String(new java.lang.String(Base64.decode(jwtAssertions[1])));
>     var obj = parse(jsonString);
>     log.info("************" + obj);
>     var loggedInUser = obj.Subject;
>
>     session.put("LOGGED_IN_USER", loggedInUser);
>     session.put("server.user", loggedInUser);
>     session.put("Loged", "true");
>     // This is used to identify the SAML2 based logout and JWT logout
>     session.put("JWT_LOGIN", "true");
>     user.permitted(loggedInUser, session);
> }
>
>
> [2].
>
> <%
> (function(){
>     var user = session.get("LOGGED_IN_USER");
>     if(user === null) {
>         response.sendRedirect('/store');
>     }
>     else {
>         if (session.get("JWT_LOGIN") != null) {
>             session.invalidate();
>             response.sendRedirect('/store');
>         } else {
>             var config = require('/config/store.js').config(),
>                 sso = require('sso'),
>                 sso_sessions = application.get('sso_sessions'),
>                 sessionId = session.getId(),
>                 encodedSAMLLogoutRequest = sso.client.getEncodedSAMLLogoutRequest(
>                     user, sso_sessions[session.getId()], config.ssoConfiguration.issuer),
>                 relayState = '/store',
>                 postUrl = "https://" + process.getProperty('server.host')
>                     + ":" + process.getProperty('https.port');
>
>         var log = new Log();
>
>         log.debug("store session index : " + sso_sessions[session.getId()]);
>
>
>         %>
>         <div>
>            <p>You are now redirected to Stratos Identity. If the
>            redirection fails, please click the post button.</p>
>
>             <form id="logoutForm" method="post" action="<%=postUrl%>/admin/samlsso">
>             <p>
>                 <input type="hidden" name="SAMLRequest"
>                       value="<%= encodedSAMLLogoutRequest %>"/>
>                 <input type="hidden" name="RelayState" value="<%= relayState %>"/>
>                 <input type="hidden" name="SSOAuthSessionID" value="<%= sessionId %>"/>
>                 <button type="submit">POST</button>
>             </p>
>             </form>
>         </div>
>         <script type = "text/javascript" >
>                        document.forms[0].submit();
>         </script>
>
>          <%
>          }
>    }
> }());
> %>
>
>
> Regards,
> Dinusha,
>
>
>
> --
> Dinusha Dilrukshi
> Senior Software Engineer
> WSO2 Inc.: http://wso2.com/
> Mobile: +94725255071
> Blog: http://dinushasblog.blogspot.com/
>
> _______________________________________________
> Dev mailing list
> [email protected]
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>
>
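The snippet in [1] decodes the payload of the X-JWT-Assertion header and uses its Subject claim to populate the session without checking the token's signature. As an added example (not part of the original thread and not WSO2 code), the Node.js code below verifies the signature before reading Subject. The RS256 algorithm, the generated key pair and the names signSample and subjectFromAssertion are assumptions for illustration.

```javascript
const crypto = require('crypto');

// Constructed RSA key pair standing in for the gateway's signing key (assumption).
const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
const b64url = (data) => Buffer.from(data).toString('base64url');
const fromB64url = (text) => Buffer.from(text, 'base64url');

// Hypothetical helper: issues a constructed RS256 token so the example runs offline.
function signSample(claims, key = privateKey) {
  const input = b64url(JSON.stringify({ alg: 'RS256', typ: 'JWT' })) + '.' +
                b64url(JSON.stringify(claims));
  return input + '.' + b64url(crypto.sign('sha256', Buffer.from(input), key));
}

// Returns the Subject claim only when the assertion is well formed and its
// signature verifies against the trusted public key; otherwise returns null.
function subjectFromAssertion(token, trustedKey) {
  if (typeof token !== 'string') return null;
  const parts = token.split('.');
  if (parts.length !== 3) return null;            // header.payload.signature
  let header, claims, valid;
  try {
    header = JSON.parse(fromB64url(parts[0]).toString('utf8'));
    claims = JSON.parse(fromB64url(parts[1]).toString('utf8'));
    if (!header || header.alg !== 'RS256') return null;   // pin the algorithm, reject "none"
    valid = crypto.verify('sha256', Buffer.from(parts[0] + '.' + parts[1]),
                          trustedKey, fromB64url(parts[2]));
  } catch (e) {
    return null;                                  // malformed JSON or signature bytes
  }
  if (!valid || !claims || typeof claims.Subject !== 'string') return null;
  return claims.Subject;
}

// Constructed samples: a genuine token, and one whose payload was swapped
// after signing (the signature no longer matches).
const genuine = signSample({ Subject: 'alice@example.com' });
const [h, , s] = genuine.split('.');
const altered = [h, b64url(JSON.stringify({ Subject: 'admin' })), s].join('.');
console.log(subjectFromAssertion(genuine, publicKey)); // alice@example.com
console.log(subjectFromAssertion(altered, publicKey)); // null
```

Only a non-null return value should be written to the session keys used in [1].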