CA AuthMinder Java Developer's Guide › Authenticating Users › Verifying the Authentication Tokens

Verifying the Authentication Tokens

The AuthMinder Authentication SDK provides an appropriate token to the end user after they authenticate successfully. The token is then presented to the AuthMinder Server, indicating that the user is authenticated and can be provided access to the protected resources.

By using the Authentication Web service, you can specify whether the token has to be returned after authentication or not. In addition, you can also specify the type of the token that must be returned after authentication. The verifyAuthToken method specifies the return token type and supports the following types of tokens:

• Native Tokens

  Specify this type when CA-proprietary (or Native) token is required after successful authentication. This token can be used multiple times before it expires.

• One-Time Tokens

  Specify this type when one-time token is required after successful authentication. This token can be used only one time before it expires.

• SAML Tokens

  Secure Assertion Markup Language (SAML) is an open standard, which specifies the format of the authentication data exchanged between security domains. The Native, Default, and One-Time tokens issued by AuthMinder can only be interpreted by the AuthMinder Server, but the SAML tokens issued by the AuthMinder Server can be interpreted by any other authentication system. AuthMinder supports 1.1 and 2.0 versions of SAML:

  • SAML 1.1 Tokens

    Specify this type of token when you are using custom (non-AuthMinder) authentication mechanism that needs SAML 1.1 tokens after successful authentication.

  • SAML 2.0 Tokens

    Specify this type of token when you are using custom (non-AuthMinder) authentication mechanism that needs SAML 2.0 tokens after successful authentication.

• Default Tokens

  Specify this type of token when the default token configured at the server is to be requested after successful authentication.

• Custom

  Specify this type of token when you are performing custom credential authentication.

AuthMinder Server can verify only the Native and One-Time tokens that are issued to the users. The authentication token must be verified in cases when you use the token for Single Sign-On, wherein you authenticate the user once and allow them to use multiple resources using the same authentication token.

To verify if a token is valid or not:

1. (Optional) If you are implementing a plug-in, then invoke the setAdditionalInput() method in the AdditionalInput class to obtain an object that implements the class.

   See "Preparing Additional Input" for more information.

2. Invoke the verifyAuthToken() method in Authentication class to verify the token of the user.

   This method returns an instance of the AuthTokenResponse interface, which provides the credential and transaction details.