Feb 10th, 2012, 06:33 PM
JdbcAuthorizationCodeServices Auth Code removal
I am using the SpringSource-spring-security-oauth-cb957a1 build to test out replacing the InMemorytoken store, client details and authorization code services in the sparklr2 and tonr2 samples . I was under the impression that the authorization tokens were to be relatively long lived and the access tokens TTL would be brief. I maybe wrong but once the tonr user is authenticated, the authorization code (OAUTH_CODE table ) is inserted and after it is used for the creation of the access token, it is removed. Should the OAUTH_CODE records persist for a longer period of time? Even with persisting the tokens, the authorization does not span the session. Sorry if I am misunderstanding the usage of the records in the OAUTH_CODE table and thanks for the help.