Versions Compared

Old Version 3

changes.mady.by.user Don Bakke

Saved on

compared with

New Version 4

changes.mady.by.user Don Bakke

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

ParameterDescription
RemaiiningURL

The remaining portion of the URL that follows the URL that launched this current service. This information is used in the HTTP_Service_Setup insert to populate other useful variablesSee the remarks section belowRequired.

Remarks

HTTP_Authentication_Services is an application service module that handles authentication into the API. By default this service is automatically called within the HTTP_MCP controller routine. It is recommended that this be left in place. If the developer wishes to disable authentication (either temporarily for testing purposes or permanently), it is better to set the Enable Authentication Flag to 0 in the SRP_HTTP_FRAMEWORK_SETUP configuration record.

Authentication is different from authorization (even though HTTP Basic Authentication uses the Authorization request header field) and this is important when building access to the API. Authentication normally means the user’s credentials are valid. However, this does not guarantee that the user has sufficient privileges to access (or modify) the requested resource. This is where authorization comes in. Failure in authentication or authorization can both return a 401 (Unauthorized) status code, but a failed authorization might return a 403 (Forbidden) status code. Web service code that easily retrieve the authentication credentials to make authorization decisions.

Services

Web services are designed to process HTTP requests. In order to do this properly, they need to have access to specific information such as the HTTP method, entry point URL, and end point, URL. These commonly needed data points are assigned to several variables in the HTTP_Service_Setup insert.

Setup Variables

Usage:
HTTP_Authentication_Services('CleanUp')

Comments:
Runs any clean up processes as needed to prepare the engine for the next request.

Returns:
N/A
VariablesDescription

APIURL

The base URL for the API entry point (e.g., api.mysite.com/v1).

FullEndPointURL

The URL submitted by the client.

HTTPMethod

The HTTP Method (Verb) submitted by the client (e.g., GET, POST, etc.)

SelfURL

The URL path representing the current service.

NextSegment

The URL segment immediately following the SelfURL (if any). This could contain the name of the next service or it could contain the Item ID for the current service (aka resource).

CurrentServiceHandler

The name of the currently running BASIC+ stored procedure.

ServiceDescription
AuthenticateRequest

Usage:
HTTP_Authentication_Services('AuthenticateRequest')

Comments:
Returns a boolean value indicating the success of the authentication attempt. Default method is built around HTTP Basic Authentication.

Returns:
A boolean value indicating the success of the authentication attempt.

 CleanUp

Param1 - Param10

The proper use of the generic arguments are defined in the definition of each service above.