Previous Topic: Create the Client ProgramNext Topic: Authentication REST Interface

Administration GuideConfiguring Web ServicesAuthentication and AuthorizationCreate the Client ProgramAuthentication SOAP Interface

Authentication SOAP Interface

These simplified samples show authentication works using the SOAP protocol. Most authentication schemes can be supported by an IdentityContext consisting of just three fields, username, password, binaryCredentials. Other schemes, requiring more fields are supported by additional operations whose inputs are tailored to the credential type.

The following example is an authentication web service normal user login request:

<s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" 
            xmlns:aut="http://ca.com/2010/04/15/authentication.xsd">
  <s:Header/>
  <s:Body>
    <aut:login>
      <identityContext>
        <binaryCreds>
        </binaryCreds>
        <password>user1</password>
        <userName>user1</userName>
      </identityContext>         
      <appId>app1</appId >
      <action>GET</action>
      <resource>/*</resource >
    </aut:login>
  </s:Body>
</s:Envelope>

The blogin operation (Boolean Login) is similar to the login operation. However, blogin does not return a SMSESSION value in the response, as shown in the following example:

<s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" 
            xmlns:aut="http://ca.com/2010/04/15/authentication.xsd">
  <s:Header/>
  <s:Body>
    <aut:blogin>
      <identityContext>
        <binaryCreds>
        </binaryCreds>
        <password>user1</password>
        <userName>user1</userName>
      </identityContext>         
      <appId>app1</appId >
      <action>GET</action>
      <resource>/*</resource >
    </aut:blogin>
  </s:Body>
</s:Envelope>

The following example represents a successful login response:

<s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope">
  <s:Header/>
  <s:Body>
    <aut:loginResponse xmlns:aut="http://ca.com/2010/04/15/authentication.xsd">
      <return>
        <message>Authentication successful.</message>
        <resultCode>LOGIN_SUCCESS</resultCode>
        <sessionToken>session</sessionToken>
	<responses>
	  <response/>
	  <response/>
	</responses>
      </return>
    </aut:loginResponse>
  </s:Body>
</s:Envelope>

The following example represents a failed login attempt:

<s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope">
  <s:Header/>
  <s:Body>
    <ns2:loginResponse xmlns:ns2="http://webservice.sm.services.soa.ca.com/">
      <return>
        <message>Authentication failured</message>
        <resultCode>LOGIN_FAILED</resultCode>
        <smSessionCookieValue/>
      </return>
    </ns2:loginResponse>
  </s:Body>
</s:Envelope>

The following example represents an authentication web service user logout request:

Note: Even though a user has successfully logged out, the agent can still use the SessionToken to authorize, because it is considered to be a valid user credential.

<s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" 
            xmlns:aut="http://ca.com/2010/04/15/authentication.xsd">
  <s:Header/>
  <s:Body>
    <aut:logout>
      <smSessionCookieValue>session</smSessionCookieValue>
    </aut:logout>
  </s:Body>
</s:Envelope>

The following example represents a successful authentication web service logout response:

<s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope">
  <s:Header/>
  <s:Body>
    <ns2:logoutResponse xmlns:ns2="http://ca.com/2010/04/15/authentication.xsd">
      <return>
        <message>Logout successful.</message>
        <resultCode>SUCCESS</resultCode>
      </return>
    </ns2:logoutResponse>
  </s:Body>
</s:Envelope>