IBM Verify

IBM Verify

Join this online user group to communicate across Security product users and IBM experts by sharing advice and best practices with peers and staying up to date regarding product enhancements.

 View Only

Help with userlookuphelper caching domains

  • 1.  Help with userlookuphelper caching domains

    Posted 16 hours ago

    Hi,

    I need some help understanding how UserLookupHelper handles domains and caching. From what I see, whenever UserLookupHelper is initialized, the current domain is cached. The problem is that if another proxy triggers the flow, it continues using the previously cached domain instead of switching to the correct one.

    For example:

    • When I log in via www.example.no, it correctly uses the NO domain.

    • But if I then log in via www.example.dk, it still uses the NO domain cached from the earlier request. Even though the LdapDomain here will be set to DK.

    The only workaround I've found is to call userLookupHelper.shutdown() after each request. That does fix the issue, but it feels like a heavy solution, and I'm not sure if that's the recommended approach.

    The code I'm using is based on the IBM-provided Passkey Branching Helper, but slightly modified for the login check. Here's the relevant portion:

    function checkLogin() { var password = getPassword(); if (password != null) { var isAuthenticated = false; try { var ldapServerName = "x"; var ldapConnection = ServerConnectionFactory.getLdapConnectionByName(ldapServerName); var userLookupHelper = new UserLookupHelper(); userLookupHelper.init(ldapConnection, LdapDomain); if (userLookupHelper.isReady()) { var user = userLookupHelper.getUser(username); if (user != null) { isAuthenticated = user.authenticate(password); } }... etc      

    Do you know if there's a better way to handle this caching issue than calling shutdown() every time?



    ------------------------------
    Jonatan Wålegård
    ------------------------------