authentication - based authentication
interface Session string user ; string[] roles ; string token ; create(string username, secret password, string scheme, boolean preserve, long timeout); delete();
AUTHENTICATION(3rad) RAD Module Definitions AUTHENTICATION(3rad)
NAME
authentication - API for token-based authentication
SYNOPSIS
interface Session
string user ;
string[] roles ;
string token ;
create(string username,
secret password,
string scheme,
boolean preserve,
long timeout);
delete();
DESCRIPTION
API com.oracle.solaris.rad.authentication
This API provides functions for generating and redeeming security
tokens for RAD's token-based Authentication.
INTERFACES
interface Session
Session interface. Represents a session within RAD. Clients should
interact with this interface to: - authenticate and obtain access to
RAD - retrieve, redeem and revoke UUID authentication tokens - obtain
information about existing sessions - delete sessions - obtain session
specific data, user, roles.
Session Properties
string user (read-only, nullable) -- gets the username of the
connected user
string[] roles (read-only) -- gets the list of roles available to
the connected user
string token (read-write, nullable) -- Read/Write the session's
token.
interface Methods
create(string username, secret password, string scheme,
boolean preserve, long timeout)
Create a new Session instance. If authentication data cannot be
validated by the server an error is raised. For HTTP clients, a
secure token is returned in the HTTP cookie.
# Authenticate and receive a security token
curl -v -X POST -c cookiejar.txt -b cookiejar.txt
--header 'Content-Type: application/json'
--data '{"username": ..., "password": ..., ...}'
localhost/api/com.oracle.solaris.rad.authentication/1.0/Session
{
"payload": {
"href": "/api/com.oracle.solaris.rad.authentication/1.0/Session/_rad_reference/<id>"
},
"status": "success"
}
# Subsequent requests will use the token as stored in HTTP cookie
curl -v -X GET -c cookiejar.txt -b cookiejar.txt
localhost/api/com.oracle.solaris.rad.authentication/1.0/Session/_rad_reference/<id>/user
Arguments:
username
password
scheme -- Sets the authentication scheme. Currently only 'pam'
supported.
preserve
timeout -- If timeout is specified as -1, the default session
timeout for this REST interfaces is 60 minutes.
Error:
(no type)
delete()
Delete and disconnect current session.
curl -v -X DELETE localhost/api/com.oracle.solaris.rad.authentication/1.0/Session/_rad_reference/<id>
Error:
(no type)
Version: (1.0)
ATTRIBUTES
See attributes(5) for descriptions of the following attributes:
+--------------------+-------------------------+
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
+--------------------+-------------------------+
|Availability | system/management/rad/* |
+--------------------+-------------------------+
|Interface Stability | Private |
+--------------------+-------------------------+
SEE ALSO
rad(1M)
SunOS 5.11 2017-05-31 AUTHENTICATION(3rad)