You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 10 Current »

You can control the access to your interface with authorization policy.

Usage:

<communication>
     <httpInterface authorizationName="checkHttpUserPass" hostname="localhost" port="1655"/>
</communication>

Use an authorization policy by referencing its identifier in interface definition.

We assume that there is an authorization policy named: checkHttpUserPass: 

<security>
       <executableAuthorization name="checkHttpUserPass" serviceName="checkUserPassService" >
               <parameterMapping >
           <mapRow authParam="username" serviceParam="userid"/>
           <mapRow authParam="password" serviceParam="plain_password"/>
           </parameterMapping>                         
               <expectedResult><text>OK</text></expectedResult>
       </executableAuthorization>       
</security>

We should map username and password parameters to input parameters of the authorization service (checkUserPass)

Interface authorization passes the username and password attributes of the server request (see Server Request Example) to checkUserPassService as userid and plain_password parameters.

Then checks the output of the service with "OK" text in the example.

Server Request Example
<request username="mobileuser" password="ileri">

   <job ....>

     ..

   </job>

</request>
  • No labels