authentication - based authentication
interface Session string user ; string[] roles ; string token ; create(string username, secret password, string scheme, boolean preserve, long timeout); delete();
AUTHENTICATION(3rad) RAD Module Definitions AUTHENTICATION(3rad) NAME authentication - API for token-based authentication SYNOPSIS interface Session string user ; string[] roles ; string token ; create(string username, secret password, string scheme, boolean preserve, long timeout); delete(); DESCRIPTION API com.oracle.solaris.rad.authentication This API provides functions for generating and redeeming security tokens for RAD's token-based Authentication. INTERFACES interface Session Session interface. Represents a session within RAD. Clients should interact with this interface to: - authenticate and obtain access to RAD - retrieve, redeem and revoke UUID authentication tokens - obtain information about existing sessions - delete sessions - obtain session specific data, user, roles. Session Properties string user (read-only, nullable) -- gets the username of the connected user string[] roles (read-only) -- gets the list of roles available to the connected user string token (read-write, nullable) -- Read/Write the session's token. interface Methods create(string username, secret password, string scheme, boolean preserve, long timeout) Create a new Session instance. If authentication data cannot be validated by the server an error is raised. For HTTP clients, a secure token is returned in the HTTP cookie. # Authenticate and receive a security token curl -v -X POST -c cookiejar.txt -b cookiejar.txt --header 'Content-Type: application/json' --data '{"username": ..., "password": ..., ...}' localhost/api/com.oracle.solaris.rad.authentication/1.0/Session { "payload": { "href": "/api/com.oracle.solaris.rad.authentication/1.0/Session/_rad_reference/<id>" }, "status": "success" } # Subsequent requests will use the token as stored in HTTP cookie curl -v -X GET -c cookiejar.txt -b cookiejar.txt localhost/api/com.oracle.solaris.rad.authentication/1.0/Session/_rad_reference/<id>/user Arguments: username password scheme -- Sets the authentication scheme. Currently only 'pam' supported. preserve timeout -- If timeout is specified as -1, the default session timeout for this REST interfaces is 60 minutes. Error: (no type) delete() Delete and disconnect current session. curl -v -X DELETE localhost/api/com.oracle.solaris.rad.authentication/1.0/Session/_rad_reference/<id> Error: (no type) Version: (1.0) ATTRIBUTES See attributes(5) for descriptions of the following attributes: +--------------------+-------------------------+ | ATTRIBUTE TYPE | ATTRIBUTE VALUE | +--------------------+-------------------------+ |Availability | system/management/rad/* | +--------------------+-------------------------+ |Interface Stability | Private | +--------------------+-------------------------+ SEE ALSO rad(1M) SunOS 5.11 2017-05-31 AUTHENTICATION(3rad)