> Oracle WebCenter Interaction Web Service Development Guide > About Identity Services > About Authentication Services > Authentication Service Internals

Oracle WebCenter Interaction Web Service Development Guide

     Previous Next  Open TOC in new window   View as PDF - New Window  Get Adobe Reader - New Window
Content starts here

Authentication Service Internals

The following Oracle WebCenter Interaction Development Kit (IDK) interfaces must be implemented when creating an authentication service.

The Oracle WebCenter Interaction Development Kit (IDK) allows you to create remote authentication services and related configuration pages without parsing SOAP or accessing the portal API. The authentication API provides an abstraction from the necessary SOAP calls; you simply implement an object interface. For a complete listing of interfaces, classes, and methods, see the API documentation.

Note: The differences between the Java and .NET versions of the Oracle WebCenter Interaction Development Kit (IDK) are platform-specific. In this guide, method names are listed using the Java standard. .NET methods are identical, except begin with a uppercase letter. The ISyncProvider.Initialize method in the .NET IDK provides the same functionality as the ISyncProvider.initialize method in the Java IDK.

Plumtree.Remote.Auth

The com.plumtree.remote.auth namespace (the Plumtree.Remote.Auth package in .NET) provides interfaces for creating authentication and synchronization services for users and groups in the portal. There are three interfaces provided:


  • ISyncProvider
  • IGroup
  • IAuthProvider

To provide synchronization with an external source, implement ISyncProvider and IGroup. To provide authentication against an external source, implement IAuthProvider. In most cases, all three interfaces should be implemented.

Synchronization

User and group synchronization takes place when the associated synchronization Job is run by the portal Automation Service. The synchronization service must maintain state between the portal, the remote server, and the back-end system until synchronization is complete. Users are imported on each run via ISyncProvider. Imported users are put into groups based on information from IGroup object(s). The portal typically calls the methods of the authentication service interfaces in the following order:


  1. ISyncProvider.initialize
  2. ISyncProvider.getGroups
  3. ISyncProvider.initialize
  4. ISyncProvider.getUsers
  5. ISyncProvider.initialize
  6. ISyncProvider.attachToGroup for each group returned in ISyncProvider.getGroups
    1. IGroup.getChildGroups
    2. IGroup.getChildUsers
Note: The portal may take a long time between calls to getGroups(), getUsers(), and attachToGroup(). Because of this, the Java or .NET session on the remote server may time out, so initialize() is called more than once.

Authentication

When a user logs into the portal, the authentication service is called to authenticate against the back-end system. This is done through a single call to IAuthProvider.authenticate.

Once logged in, each user is associated with a portal User object; authentication services do not need to maintain state.

Parent topic: About Authentication Services

  Back to Top      Previous Next