AuthenticationResource (Gentics Content.Node - REST API Library 5.45.53 API)

```
@Path(value="/auth")
public interface AuthenticationResource
```
Authentication Resource. This can be used to authenticate an existing SID.

Method Summary

All Methods Instance Methods Abstract Methods
Modifier and Type	Method and Description
`String`	`alternateSsoLogin()` Perform a login to the system with SSO systems
`GenericResponse`	`globalPrefix()` Returns the global prefix
`HashPasswordResponse`	`hashPassword(javax.servlet.http.HttpServletRequest httpServletRequest, HashPasswordRequest hashPasswordRequest, int sessionId)` Create a hash of the given password and userID The hashing algorithm can change at any time.
`LoginResponse`	`login(LoginRequest request, String sidString)` Perform a login to the system based on user credentials.
`LoginResponse`	`loginWithRsa(LoginWithRsaRequest request, String sidString)` Perform a login to the system based on RSA signature.
`GenericResponse`	`logout(String sid, boolean allSessions)` Do a logout for the current session
`GenericResponse`	`matchPassword(javax.servlet.http.HttpServletRequest httpServletRequest, MatchPasswordRequest matchPasswordRequest, int sessionId)` Checks if the given password matches the given hash As this method is possibly expensive (depends on the implemented hash algorithm), we don't allow anonymous access to it.
`String`	`ssoLogin()` Perform a login to the system with SSO systems
`AuthenticationResponse`	`validate(String sid)` Validate the given SID

Method Detail

validate

@GET
 @Path(value="/validate/{sid}")
AuthenticationResponse validate(@PathParam(value="sid")
                                                                     String sid)

Validate the given SID

Parameters:: sid - sid + gcn_session_secret (taken from the GCN_SESSION_SECRET cookie) to validate
Returns:: response containing validation result and (possibly) a user

alternateSsoLogin

@GET
 @Path(value="/login")
 @Produces(value="text/plain; charset=UTF-8")
String alternateSsoLogin()

Perform a login to the system with SSO systems

Returns:: SID or "NOTFOUND" or "FAILURE"

ssoLogin

@GET
 @Path(value="/ssologin")
 @Produces(value="text/plain; charset=UTF-8")
String ssoLogin()

Perform a login to the system with SSO systems

Returns:: SID or "NOTFOUND" or "FAILURE"

login
```
@POST
 @Path(value="/login")
LoginResponse login(LoginRequest request,
                                                 @QueryParam(value="sid") @DefaultValue(value="0")
                                                 String sidString)
```
Perform a login to the system based on user credentials. If the user is successfully authenticated, create a new session and send back the sid. If a new sessionSecret is created, set it as a cookie

Parameters:

request - login request (contains the login credentials)

sidString - Optional: Existing sid number, the stored secret must match the cookie

Returns:

login response

loginWithRsa
```
@POST
 @Path(value="/loginwithrsa")
LoginResponse loginWithRsa(LoginWithRsaRequest request,
                                                               @QueryParam(value="sid") @DefaultValue(value="0")
                                                               String sidString)
```
Perform a login to the system based on RSA signature. If the user is successfully authenticated, create a new session and send back the sid. If a new sessionSecret is created, set it as a cookie.

Parameters:

request - login request (contains the login credentials)

sidString - Optional: Existing sid number, the stored secret must match the cookie

Returns:

login response

logout

@POST
 @Path(value="/logout/{sid}")
GenericResponse logout(@PathParam(value="sid")
                                                           String sid,
                                                           @QueryParam(value="allSessions") @DefaultValue(value="0")
                                                           boolean allSessions)

Do a logout for the current session

Returns:: generic response

hashPassword

@POST
 @Path(value="/hashpassword")
HashPasswordResponse hashPassword(@Context
                                                                      javax.servlet.http.HttpServletRequest httpServletRequest,
                                                                      HashPasswordRequest hashPasswordRequest,
                                                                      @QueryParam(value="sid") @DefaultValue(value="0")
                                                                      int sessionId)

Create a hash of the given password and userID The hashing algorithm can change at any time. As this method is possibly expensive (depends on the implemented hash algorithm), we don't allow anonymous access to it.

Parameters:: hashPasswordRequest - Password request object
Returns:: HashPasswordResponse

matchPassword

@POST
 @Path(value="/matchpassword")
GenericResponse matchPassword(@Context
                                                                   javax.servlet.http.HttpServletRequest httpServletRequest,
                                                                   MatchPasswordRequest matchPasswordRequest,
                                                                   @QueryParam(value="sid") @DefaultValue(value="0")
                                                                   int sessionId)

Checks if the given password matches the given hash As this method is possibly expensive (depends on the implemented hash algorithm), we don't allow anonymous access to it.

Parameters:: matchPasswordRequest - Password match request object
Returns:: GenericResponse

globalPrefix

@GET
 @Path(value="/globalprefix")
GenericResponse globalPrefix()

Returns the global prefix

Returns:: GenericResponse

Interface AuthenticationResource