Previous Contents Index Next |
Sun ONE Identity Server Programmer's Guide |
Chapter 11 Client Detection
The Sun One Identity Server may be accessed using multiple clients types, whether HTML-based, WML-based or other protocols. In order for this function to work, Identity Server must be able to identify the client type. The client detection API is used for this purpose. This chapter offers information on the API, and how it can be used to recognize the client type. It contains the following sections:
Overview
Overview
Identity Server has the capability to process requests from multiple client type browsers. The client detection API can be used to determine the protocol used by the requesting client browser and retrieve the correctly formatted pages for the particular client type.
Note
Currently, Identity Server only defines client data for supported HTML client browsers including Internet Explorer and Netscape Communicator.
Since any browser type requesting access to the Identity Server must first be successfully authenticated, client detection is accomplished within the Authentication Service. When a client's HTTP request is passed to the Identity Server, it is directed to the Authentication Service. Within this framework, the first step in user validation is to identify the browser type using information stored in the HTTP string request. The Authentication Service then uses this information to retrieve the browser type's characteristics. The characteristics are configured and stored in the amClientDetection.xml file and are referred to as the client data. Based on this client data, correctly formatted authentication pages are sent back to the client browser (for example, HTML or WML pages). Once the user is validated, the client type is added to the session token (as the key clientType) where it can be retrieved and used by other Identity Server services.
Note
The client detection mechanism is disabled by default which assumes the client to be of the genericHTML type. All client data associated with genericHTML, as explained in "Client Data", will be used.
Client Data
In order to recognize client types, Identity Server stores their identifying characteristics in its Directory Server data store. This client data identifies the features of all of the particular deployment's supported client browsers. Client data for supported client types are defined in the amClientDetection.xml file. The attribute in which it is defined is iplanet-am-client-detection-client-types. The different aspects of the client data are separated by a pipe ("|") as follows:
clientType=<value>|userAgent=<value>|contentType=<value>|cookieSupport=<value>|fileIdentifier=<value>|filePath=<value>|charset=<value>.
clientTypean arbitrary string which uniquely identifies the client. The default is genericHTML.
UserAgenta search filter used to compare/match the user-agent defined in the HTTP header. The default is Mozilla/4.0.
contentTypedefines the content type of the HTTP request. The default is text/html.
cookieSupportdefines whether cookies are supported by the client browser. The default is true.
fileIdentifieris not used at this time.
filePathis used to locate the client type files (templates and JSP files). The default is html.
charsetdefines the character encoding used by Identity Server to send a response to the browser. The default value is UTF-8. The character set can be configured for any given locale by adding charset_locale=codeset where the code set name is based on the Internet Assigned Numbers Authority (IANA) standard.
Client Detection API
By default, Identity Server only includes client detection functionality for browsers that use HTML. But, it is packaged with an API for writing proprietary client detectors that can retrieve any client data. The client detection API are in a package called com.iplanet.services.cdm. This package provides the interfaces and classes to detect any client browser types. The procedure would include defining the client type characteristics for the new module (as stated in "") as well as implementing the client detection API within the external application. Identity Server services can be accessed by multiple client browser types. For example, a client accessing Identity Server may be a HTML client type or a WML client type. As any client browser requesting access to an Identity Server service must be successfully authenticated, client detection is accomplished as part of the Authentication Service. This service identifies the client type from it's incoming HTTPRequest for access, using the getClientType method in the ClientDetectionInterface interface. Upon successful authentication, the client type is then added to the user's session token where other applications can find it and use the client detection API to retrieve it.
Client Detection Module Interface
Client detection capability is provided by the ClientDetectionInterface interface. It contains a getClientType method which is called by the Authentication Service when a new login request is received. The Authentication Service executes the retrieval of the value of the iplanet-am-auth-client-detection-class attribute to determine the name of the implementing class of the ClientDetectionInterface. The service then passes the HttpRequest to the getClientType method which does the actual client detection and returns the clientType as a string. The default implementation will assume the client type to be the defined default type. An error condition will be handled by the ClientDetectionException class. Code Example 11-1 below is an example implementation of the ClientDetectionInterface.
Previous Contents Index Next
Copyright 2002 Sun Microsystems, Inc. All rights reserved.
Last Updated December 02, 2002