The following interfaces must be implemented when creating an authentication service.
The AquaLogic Interaction Development Kit (IDK), formerly called the EDK, allows you to create remote authentication services and related configuration pages without parsing SOAP or accessing the portal API. The IDK Authentication API provides an abstraction from the necessary SOAP calls; you simply implement an object interface. For a complete listing of interfaces, classes, and methods, see the IDK API documentation.
The Plumtree.Remote.Auth namespace (the com.plumtree.remote.auth package in Java), provides interfaces for creating authentication and synchronization services for users and groups in the portal. There are three interfaces provided:
To provide synchronization with an external source, implement ISyncProvider and IGroup. To provide authentication against an external source, implement IAuthProvider. In most cases, all three interfaces should be implemented.
User and group synchronization takes place when the associated synchronization Job is run by the portal Automation Service. The synchronization service must maintain state between the portal, the remote server, and the back-end system until synchronization is complete. Users are imported on each run via ISyncProvider. Imported users are put into groups based on information from IGroup object(s). The portal typically calls the methods of the authentication service interfaces in the following order:
When a user logs into the portal, the authentication service is called to authenticate against the back-end system. This is done through a single call to IAuthProvider.Authenticate.
Once logged in, each user is associated with a portal User object; authentication services do not need to maintain state.