public interface CAEAuthService
This service is used to Grant and Revoke a CAE SAML Assertion
that can
be used for authentication to other CAE Web Services.
Modifier and Type | Method and Description |
---|---|
String |
getSAMLTokenFromShib(String shibbolethString)
Generate a token that represents a SAML
Assertion
for use in other CAE Web Services for Authentication. |
String |
getSAMLTokenFromUsernamePassword(String username,
String password,
String requestingIP)
Generate a token that represents a SAML
Assertion
for use in other CAE Web Services for Authentication. |
CAESamlInfo |
getVerificationInfo(String guid)
This will return a
CAESamlInfo about an issued CAE SAML Assertion |
RevokeResponse |
revokeSAMLToken(String guid)
Revoke a SAML
Assertion |
String getSAMLTokenFromShib(String shibbolethString)
Assertion
for use in other CAE Web Services for Authentication.
This method will take a Shibboleth Assertion from known IDP's (login.engr.wisc.edu)
and use this as the authentication. From this assertion, a CAE Assertion will be
generated.
The input to this method is string of the Shibboleth Assertion that has first been URL Encoded, and then base64 encoded.
If successful, the return is a string of the CAE SAML Assertion that has also been URL Encoded and then base64 encoded. Before it can be used as a WS-Security token, it will need to be base64 decoded, and then URL Decoded. Do not modify this decoded string in any way or the signed signature of the assertion will not validate.
shibbolethString
- - base64 uncoded string of a shibboleth assertionString getSAMLTokenFromUsernamePassword(String username, String password, String requestingIP)
Assertion
for use in other CAE Web Services for Authentication.
This method will take a username/password pair for authentication. The username/password must match a username/password pair in the CAE Authentication system.
If successful, the return is a string of the CAE SAML Assertion that has also been URL Encoded and then base64 encoded. Before it can be used as a WS-Security token, it will need to be base64 decoded, and then URL Decoded. Do not modify this decoded string in any way or the signed signature of the assertion will not validate.
username
- - the CAE Login name to authenticate withpassword
- - the password for the CAE Account specifiedrequestingIP
- - This is filled in by the web service call, the IP Address of
the calling client. It is not part of the endpoint requestCAESamlInfo getVerificationInfo(String guid)
CAESamlInfo
about an issued CAE SAML Assertion
The GUID needed is the value from
guid
- - The token to get the information aboutRevokeResponse revokeSAMLToken(String guid)
Assertion
The GUID needed is the value from
Upon success, the assertion specified will be marked as revoked. Any call to the
getVerificationInfo
will return that it is no longer a valid assertion.
guid
- Copyright © 2012 Computer-Aided Engineering, University of Wisconsin-Madison. All Rights Reserved.