Hi three,
How can I prove this existingSession working(see below link of an article), because I tried few ways to get existingSession but couldn’t get to the if condition. Well, I created a realm and configured an authentication tree and had a scriptlet with the below url code. In my authentication after LDAP authentication am using a scriptlet to see if I get to existingSession to Yes , but it always goes to No. Please advise how can I reproduce it. thanks
For ease i captured the code from the above link.
if (typeof existingSession !== ‘undefined’)
{
outcome = “Yes”;
//existingAuthLevel = existingSession.get(“AuthLevel”);
}
else
{
outcome = “No”; //logger.error(“Not a session upgrade.”);
}
The node will only have the existingSession variable populated when the user already have a session when accessing the authentication node in question. When you are running your tests are you sending the session cookie along with your authentication request?
first i used above url it prompts for challenge->supplied credentials->authenticated.
Again in the same browser hit the above url it didn’t prompt for authenticaitn logged in.
The problem is during 2 step was it didn’t even go to the authentication tree, I want to check if an exsistingSession exists want to have sort of mfa. Pls advice. thanks
In step 2, the tree won’t be re-executed, because your session was originally established using that tree already. You will need to trigger session upgrade: https://backstage.forgerock.com/docs/am/7.2/sessions-guide/session-upgrade.html
The existing session check will only work when you are doing a session upgrade.