. . . . . . . "EntryPoint - user_authenticate" . . "

ODS supports a variety of authentication methods. The most common way of operation for a client is to obtain a session ID and use it in subsequent calls to the API as described in Authentication via Session Id. Session IDs are obtained in one of the following ways. This method allows to authenticate via classical user digest information (user name and password). Authentication through third-party services is handled by user.authenticate.authenticationUrl(). user.authenticate.webid() handles WebiD (X.509 client SSL certificate authentication). In contrast to the other methods user.authenticate.authenticationUrl() will return a URL the client needs to navigate the user to in order to complete the authentication. The other methods will return a session ID.

A session will timeout after being unused for half an hour.

\nAuthentication via Password Hash\n

When authenticating via password hashes parameters user_name and password_hash need to be specified. The password hash uses the sha1 digest algorithm and includes both the user name and the password.

This can be created via openssl or any sha1 tool available in the environment of the client: #echo-n\"demofoobar\"|openssldgst-sha1\n#echo-n\"demofoobar\"|sha1sum\n

  • \n\nuser_name\n\n\n

    The user name of the account created via user.register(). If specified password_hash also needs to be provided.

    \n
    • \n
  • \n\npassword_hash\n\n\n

    The password hash as explained in Password Hash Authentication. Mandatory if user_name is specified.

    \n
    • \n
  • \n\nfacebookUID\n\n\n

    Deprecated Use user.authenticate.authenticationUrl() for Facebook login.

    \n
    • \n
  • \n\nopenIdUrl\n\n\n

    Deprecated Use user.authenticate.authenticationUrl() for OpenID login.

    \n
    • \n
  • \n\nopenIdIdentity\n\n\n

    Deprecated Use user.authenticate.authenticationUrl() for OpenID login.

    \n
    • \n
  • \n\noauthMode\n\n\n

    Deprecated Use user.authenticate.authenticationUrl() for OAuth login.

    \n
    • \n
  • \n\noauthSid\n\n\n

    Deprecated Use user.authenticate.authenticationUrl() for OAuth login.

    \n
    • \n
  • \n\noauthVerifier\n\n\n

    Deprecated Use user.authenticate.authenticationUrl() for OAuth login.

    \n
    • \n
  • \n\noauthToken\n\n\n

    Deprecated Use user.authenticate.authenticationUrl() for OAuth login.

    \n
    • \n\n

    An XML stream containing the session id of the newly created session. This session id can then be used to authenticate other method calls as explained in Authentication via Session Id. For an example of a user session object see Example User Session:.

    \n

    Authentication via OAuth, user.authenticate.webid(), user.authenticate.authenticationUrl()

    \nExample: 
    \n $ curl -i \"http://www.iodbc.org/ods/api/user.authenticate?user_name=demo&password_hash=49e473da03fbc286f06b5f0bf1f3301b5e4a67fd\"\n\n HTTP/1.1 200 OK\n Server: Virtuoso/06.01.3127 (Linux) x86_64-unknown-linux-gnu\n Connection: Keep-Alive\n Date: Tue, 17 Apr 2012 09:31:34 GMT\n Accept-Ranges: bytes\n Content-Type: text/xml; charset=\"UTF-8\"\n Content-Length: 114\n\n <userSession>\n   <sid>1de236f5da2f32d92e8c0cce5053a96e</sid>\n   <user>\n     <uname>demo</uname>\n     <uid>127</uid>\n     <new>0</new>\n     <dba>0</dba>\n   </user>\n </userSession>\n

    Authentication

    This function requries authentication via one of the supported authentication methods as described in ODS Authentication.

    \n

    " . "

    Start a new user session via user digest information.

    " . . . . . "GET" . "text/xml" . .