Changes for page HTTP login service backend-requests API

Summary

• Page properties (3 modified, 0 added, 0 removed)
• Objects (1 modified, 0 added, 0 removed)
  • Confluence.Code.ConfluencePageClass[0]

Details

Page properties

Title

...	...	@@ -1,1 +1,1 @@
1		-HTTP authentication requests towardshttp-util's HttpLoginService
	1	+HTTP authentication requests

Author

...	...	@@ -1,1 +1,1 @@
1		-XWiki.christoph_lechleitner@iteg_at
	1	+XWiki.wolfgang_glas@iteg_at

Content

...	...	@@ -1,6 +1,6 @@
1	1	=== {{id name="HTTPloginservicebackend-requestsAPI-Motivation"/}}Motivation ===
2	2
3		-The http-util [[HttpLoginService>>url:http://svn.clazzes.org/svn/util/tags/http-util-1.1.0/src/main/java/org/clazzes/util/http/sec/HttpLoginService.java||shape="rect"]] interface provides a means for registering various login mechanism to be uset by teh gwt-sec library and other using OSGi/GWT.
	3	+The http-util [[HttpLoginService>>url:http://svn.clazzes.org/svn/util/tags/http-util-1.1.0/src/main/java/org/clazzes/util/http/sec/HttpLoginService.java]] interface provides a means for registering various login mechanism to be uset by teh gwt-sec library and other using OSGi/GWT.
4	4
5	5	There are implementations of HttpLoginService, which use LDAP (gwt-ladp-login-service) or JAAS (gwt-jaas-login-service) for authentication.
6	6
...	...	@@ -11,6 +11,7 @@
11	11	A request to an authentication URL is a HTTPS POST request
12	12
13	13	{{code}}
	14	+
14	14	POST /my/authentication/service HTTP/1.1
15	15	Host: auth.my.domain
16	16	Content-Type: application/x-www-form-urlencoded
...	...	@@ -19,7 +19,7 @@
19	19
20	20	{{/code}}
21	21
22		-The user and password fields *must* not be tranferred as GET variables and the use of plain HTTP is strongly discouraged, an authentication service should always use HTTPS.
	23	+The user and password fields must not be tranferred as GET variables and the use of plain HTTP is strongly discouraged, an authentication service should always use HTTPS.
23	23
24	24	=== {{id name="HTTPloginservicebackend-requestsAPI-AuthenticationResponse"/}}Authentication Response ===
25	25
...	...	@@ -26,6 +26,7 @@
26	26	An authentication must respond to an authentication request with an HTTP response with
27	27
28	28	{{code}}
	30	+
29	29	Content-Type: text/plain; charset=utf-8
30	30
31	31	{{/code}}
...	...	@@ -33,12 +33,16 @@
33	33	and on of the following status codes:
34	34
35	35	{{code}}
	38	+
36	36	200 OK - successful authentication
37		-403 Forbidden - if the user name or the password is wrong or no user and passwd field ist given.
	40	+401 Unauthorized - if no user and passwd fields are given in the POST data.
	41	+403 Forbidden - if the user name or the password is wrong.
38	38	406 Not Acceptable - The status, which will be returned after to many unsuccessful authentications.
39	39
40	40	{{/code}}
41	41
42		-(% style="color: rgb(0,0,0);" %)The body of the response *must* no contain more than 1024 bytes and should contain a short, information text message encoded in UTF-8. The text message will be logged by the gwt-http-login-service bundle and will not be displayed to the user.
	46	+{{color value="#000000"}}
	47	+The body of the response \*must\* no contain more than 1024 bytes and should contain a short, information text message encoded in UTF-8. The text message will be logged by the gwt-http-login-service bundle and will not be displayed to the user.
	48	+{{/color}}
43	43
44		-(% style="color: rgb(0,0,0);" %) (%%)The server may enforce the use of HTTP basic authentication in order to keep offending servers away from dictionary attacks.
	50	+\\

Confluence.Code.ConfluencePageClass[0]

Id

...	...	@@ -1,1 +1,1 @@
1		-688322
	1	+688266

Title

...	...	@@ -1,1 +1,1 @@
1		-HTTP authentication requests towardshttp-util's HttpLoginService
	1	+HTTP authentication requests

URL

...	...	@@ -1,1 +1,1 @@
1		-https://clazzes.atlassian.net/wiki/spaces/GWTBASICS/pages/688322/HTTP authentication requests towardshttp-util's HttpLoginService
	1	+https://clazzes.atlassian.net/wiki/spaces/GWTBASICS/pages/688266/HTTP authentication requests