Authentication REST Interface

Administration Guide › Configuring Web Services › Authentication and Authorization › Create the Client Program › Authentication REST Interface

Authentication REST Interface

REST means REpresentational State Transfer. In REST, service requests transform the state of objects accessible by URIs. HTTP drives state change using actions such as create, read, update, and delete.

The URI mapping for authentication and authorization consists of the appId and resourcePath. The resource state is the collections of authenticated or authorized users associated with the Resource. The service names for authentication are login, blogin, and logout.

A URI in this format, http://hostname:port/authazws/AuthRestService/login/appID/Resource, posts the following request:

<loginRequest>
      <binaryCreds></binaryCreds>
       <password>user1</password>
       <userName>user1</userName>
       <action>GET</action>         
</loginRequest>

The login responses:

HTTP return code 200

<loginResponse>
<message>Authentication successful</message>
<resultCode>LOGIN_SUCCESS</resultCode>
<sessionToken>session</sessionToken>
<authenticationResponses>
	<response>
		<name>SM_SESSIONDRIFT</name>
		<value>0</value>
	</response>
</authenticationResponses>
</loginResponse>

HTTP return code 400

<loginResponse>
<message>Bad Request</message>
<resultCode>LOGIN_ERROR</resultCode>
</loginResponse>

HTTP return code 200

<loginResponse>
<message>Authentication Failed</message>
<resultCode>LOGIN_FAILED</resultCode>
<authenticationResponses>	
	<response><name>SM_AUTHREASON</name>
	<value>0</value>
	</response>	
</authenticationResponses>
</loginResponse>

HTTP return code 500

<loginResponse>
<message>System</message>
<resultCode>Server Error</resultCode>
</loginResponse>

The bLogin operation (Boolean Login) is similar to login. A URI in this form, http://host:port#/blogin/appId/resourcePath posts as shown in the login request. It returns yes or no in the response message.

A URI in this format, http://host:port#/logout/appId/resourcePath/, posts the following the logout request:

<logoutRequest>
<smSessionCookieValue>session</smSessionCookieValue>
</logoutRequest>

The authentication web service logout responses:

<logoutResponse>
<message>Logout Successful</message>
<resultCode>LOGOUT_SUCCESS</resultCode>
<smSessionCookieValue>yyy</smessionCookieValue>
</logoutResponse>

<logoutResponse>
<message>Logout Failed</message>
<resultCode>LOGOUT_FAILURE</resultCode>
<smSessionCookieValue>yyy</smessionCookieValue>
</logoutResponse>