Integrate Software AG Products Using Digital Event Services 10.4 | Integrate Software AG Products Using Digital Event Services | MashZone NextGen Help | Appendix | Legacy Presto components | MashZone NextGen Development and APIs | MashZone NextGen APIs | MashZone NextGen REST API | Handle Authentication
 
Handle Authentication
Requests can be anonymous to have MashZone NextGen treat the user as a guest. To send anonymous requests, include the x-p-anonymous MashZone NextGen header/parameter in the URL or as an HTTP header.
In all other cases, the first request to MashZone NextGen must supply user identity information. This creates a standard HTTP session. What is required in the initial request depends on how authentication is configured in MashZone NextGen.
For authentication with SSO (single sign-on solution) or SSL with digital certificates, user identity information is supplied by those solutions. No additional authentication information is required in the request.
For authentication using basic credentials, you must use the REST API method to login to create a MashZone NextGen session and authenticate the user. This adds a cookie with session information which is then included in all subsequent requests. You can also use the REST API method to logout and end the session or simply let the session expire (based on MashZone NextGen timeout configuration).
*Login: use this URL:
http://app-server:port/mashzone/edge/api/rest/UserManagerService/login?presto_username=username&presto_password=pw
Both parameters must be in clear text.
Successful logins set a session cookie and return an XML response in the form:
<?xml version="1.0"?>
<ServiceResponseObject>
<version>2.0</version>
<appId></appId>
<sid>UserManagerService</sid>
<svcVersion>1.0</svcVersion>
<oid>login</oid>
<response
>
<authToken>Token is set as HTTP cookie</authToken>
</response>
<errorCode></errorCode>
<invId></invId>
<header/>
<serviceHeaders/>
</ServiceResponseObject>
Unsuccessful logins return a simple text response: Authentication failed.Userid:someName.
*Logout: use this URL:
http://app-server:port/mashzone/edge/api/rest/UserManagerService/logout

Copyright © 2019 | Software AG, Darmstadt, Germany and/or Software AG USA, Inc., Reston, VA, USA, and/or its subsidiaries and/or its affiliates and/or their licensors.
Innovation Release