Difference between revisions of "ASL HTTP InfrastructureLogin"
(→User authentication – logging in Infrastructure) |
(→User authentication – logging in Infrastructure) |
||
| Line 4: | Line 4: | ||
== User authentication – logging in Infrastructure == | == User authentication – logging in Infrastructure == | ||
The user can login to the infrastructure using credentials, to access personalized system benefits during HTTP interaction. The corresponding servlet receives the user's credential (username - password) and communicates with LDAP. It makes use of status codes and HTTP headers for managing the security policy. In case of denied credentials it returns an SC_UANUTHORIZED status code to the client. Both BASIC and Form-based authentication methods are implemented and they base on the basic authorization scheme that requires the string of the Authorization header to contain the string "username:password" in Base64. | The user can login to the infrastructure using credentials, to access personalized system benefits during HTTP interaction. The corresponding servlet receives the user's credential (username - password) and communicates with LDAP. It makes use of status codes and HTTP headers for managing the security policy. In case of denied credentials it returns an SC_UANUTHORIZED status code to the client. Both BASIC and Form-based authentication methods are implemented and they base on the basic authorization scheme that requires the string of the Authorization header to contain the string "username:password" in Base64. | ||
| + | |||
| + | The Infrastructure Login component makes use of the built in session mechanism of ASL, to allow intercommunication between different asl HTTP application deployed in the same node. When the user has logged in to the system through the Login servlet, the session is returned inside an XML response and all the following URL - encoded requests must contain it. This means that the user can make the named calls using URL rewriting by sending the session as part of a rewritten URK, encoded using a jsessionid path parameter. | ||
| + | |||
* ''URL request example:'' http://localhost:8080/aslHttpInfrastructureLogin/Login | * ''URL request example:'' http://localhost:8080/aslHttpInfrastructureLogin/Login | ||
| + | |||
| + | An example of an XML response returning the session id is presented bellow: | ||
| + | |||
| + | <source lang="xml"> | ||
| + | <?xml version="1.0" encoding="UTF-8"?> | ||
| + | <SessionID> | ||
| + | <jsessionid>6751BF9588491D6EB853096C84B3671F</jsessionid> | ||
| + | </SessionID> | ||
| + | </source> | ||
== Listing of infrastructure scopes == | == Listing of infrastructure scopes == | ||
== Logging in an Infrastructure scope == | == Logging in an Infrastructure scope == | ||
Revision as of 16:40, 31 August 2012
The ASL HTTP Infrastructure login component is part of the HTTP Front End Framework and provides functionality for authenticating and logging in the users to the gCube system. It follows the framework principles for data interchange formats, error handling and context management, supporting both JSON and XML, using the common framework utilities for user authentication and HTTP error responses and following the coding guidelines. This component, interacts with the ASL level of the integration and interoperability framework for using the authentication modules that are integrated in it.
This component is used for named access of users to the system. In this mode, the user needs to login to the system and to an Infrastructure scope and continue interacting with the application over HTTP without having to pass the contextual information in every request submitted. Moreover, she can use personalized benefits in the cases of functionalities interacting with gCube personalization services. The features provided are listed as follows:
User authentication – logging in Infrastructure
The user can login to the infrastructure using credentials, to access personalized system benefits during HTTP interaction. The corresponding servlet receives the user's credential (username - password) and communicates with LDAP. It makes use of status codes and HTTP headers for managing the security policy. In case of denied credentials it returns an SC_UANUTHORIZED status code to the client. Both BASIC and Form-based authentication methods are implemented and they base on the basic authorization scheme that requires the string of the Authorization header to contain the string "username:password" in Base64.
The Infrastructure Login component makes use of the built in session mechanism of ASL, to allow intercommunication between different asl HTTP application deployed in the same node. When the user has logged in to the system through the Login servlet, the session is returned inside an XML response and all the following URL - encoded requests must contain it. This means that the user can make the named calls using URL rewriting by sending the session as part of a rewritten URK, encoded using a jsessionid path parameter.
- URL request example: http://localhost:8080/aslHttpInfrastructureLogin/Login
An example of an XML response returning the session id is presented bellow:
<?xml version="1.0" encoding="UTF-8"?> <SessionID> <jsessionid>6751BF9588491D6EB853096C84B3671F</jsessionid> </SessionID>
