Package com.gentics.contentnode.rest.resource

Interface AuthenticationResource

@Path("/auth")
public interface AuthenticationResource

Authentication Resource. This can be used to authenticate an existing SID.

Method Summary

Modifier and Type	Method	Description
String	alternateSsoLogin()	Perform a login to the system with SSO systems
GenericResponse	globalPrefix()	Returns the global prefix
HashPasswordResponse	hashPassword(javax.servlet.http.HttpServletRequest httpServletRequest, HashPasswordRequest hashPasswordRequest, int sessionId)	Create a hash of the given password and userID The hashing algorithm can change at any time.
LoginResponse	login(LoginRequest request, String sidString)	Perform a login to the system based on user credentials.
GenericResponse	logout(String sid, boolean allSessions)	Do a logout for the current session
GenericResponse	matchPassword(javax.servlet.http.HttpServletRequest httpServletRequest, MatchPasswordRequest matchPasswordRequest, int sessionId)	Checks if the given password matches the given hash As this method is possibly expensive (depends on the implemented hash algorithm), we don't allow anonymous access to it.
String	ssoLogin()	Perform a login to the system with SSO systems
AuthenticationResponse	validate(String sid)	Validate the given SID

Method Details

validate

@GET
@Path("/validate/{sid}")
AuthenticationResponse validate(@PathParam("sid")
 String sid)

Validate the given SID

Parameters:

sid - sid + gcn_session_secret (taken from the GCN_SESSION_SECRET cookie) to validate

Returns:

response containing validation result and (possibly) a user

alternateSsoLogin

@GET
@Path("/login")
@Produces("text/plain; charset=UTF-8")
String alternateSsoLogin()

Perform a login to the system with SSO systems

Returns:

SID or "NOTFOUND" or "FAILURE"

ssoLogin

@GET
@Path("/ssologin")
@Produces("text/plain; charset=UTF-8")
String ssoLogin()

Perform a login to the system with SSO systems

Returns:

SID or "NOTFOUND" or "FAILURE"

login

@POST
@Path("/login")
LoginResponse login(LoginRequest request,
 @QueryParam("sid") @DefaultValue("0")
 String sidString)

Perform a login to the system based on user credentials. If the user is successfully authenticated, create a new session and send back the sid. If a new sessionSecret is created, set it as a cookie

Parameters:

request - login request (contains the login credentials)

sidString - Optional: Existing sid number, the stored secret must match the cookie

Returns:

login response

logout

@POST
@Path("/logout/{sid}")
GenericResponse logout(@PathParam("sid")
 String sid,
 @QueryParam("allSessions") @DefaultValue("0")
 boolean allSessions)

Do a logout for the current session

Returns:

generic response

hashPassword

@POST
@Path("/hashpassword")
HashPasswordResponse hashPassword(@Context
 javax.servlet.http.HttpServletRequest httpServletRequest,
 HashPasswordRequest hashPasswordRequest,
 @QueryParam("sid") @DefaultValue("0")
 int sessionId)

Create a hash of the given password and userID The hashing algorithm can change at any time. As this method is possibly expensive (depends on the implemented hash algorithm), we don't allow anonymous access to it.

Parameters:

hashPasswordRequest - Password request object

Returns:

HashPasswordResponse

matchPassword

@POST
@Path("/matchpassword")
GenericResponse matchPassword(@Context
 javax.servlet.http.HttpServletRequest httpServletRequest,
 MatchPasswordRequest matchPasswordRequest,
 @QueryParam("sid") @DefaultValue("0")
 int sessionId)

Checks if the given password matches the given hash As this method is possibly expensive (depends on the implemented hash algorithm), we don't allow anonymous access to it.

Parameters:

matchPasswordRequest - Password match request object

Returns:

GenericResponse

globalPrefix

@GET
@Path("/globalprefix")
GenericResponse globalPrefix()

Returns the global prefix

Returns:

GenericResponse