Overview  Package   Class  Tree  Deprecated  Index  Help 
Oracle Collaboration Suite Discussions Web Services Java API Reference
10g (10.1.2.2)
Part No. B28210-01
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

oracle.discussions.ws
Interface S2SAuthenticationService

public interface S2SAuthenticationService

Webservices interface representing Service-To-Service login operation.

S2S authentication is based on a simple proxy model, where in one service authenticates to the other using HTTP-Digest mechanism.
The service, from where the request originates, sets a special HTTP header (ORA_S2S_PROXY_USER),with value as user's nickname, into the request to specify the proxy user.
For S2S to work, OID must be correctly set up with a trusted applications group and the application entity that is authenticating. The trusted applications group is usually 'cn=Trusted Applications, cn=Groups, cn=OracleContext'. It has an has a number of entities listed in its 'uniquemember' field.
Only application entities listed in this member are allowed to authenticate using S2S. To complete the authentication, the application entity must have the member 'orcltrustedapplicationgroup' in its OID entry containing the location of the trusted applications group. The password in the application entity's entry will be used to authenticate.

Method Summary
 void login()
          Login operation, which the caller application invokes to assert its identity to the callee application.
 void logout()
          Invalidates the user's http session.

 

Method Detail

login

public void login()
           throws TdWSException
Login operation, which the caller application invokes to assert its identity to the callee application.

nce the request is dispatched from the HTTP Server, Oracle Jazn kicks in, checks if the application name and application password, of the application invoking S2S login, form a part of the trusted applications group in the OID. If they are and if the password is correct, the PROXY_USER is asserted by jazn to the callee application, and a TdStore is initialized for this user.
On successful authentication, the client can access a cookie, which is to be set on stubs used in the subsequent webservices invocations.
On invoking logout method, or on http session timeout, the cookie is destroyed.

Throws:
TdWSException - - Thrown on any exception in initializng a td store for the user.

logout

public void logout()
            throws TdWSException
Invalidates the user's http session. All the objects cached in the session are destroyed as well.

Once logged out, the user will not be able to invoke any web services operations, until he authenticates himself, invoking login again.

Throws:
TdWSException - - On any exception in closing td store for the user.

Overview  Package   Class  Tree  Deprecated  Index  Help 
Copyright © 2005, Oracle. All rights reserved.
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD