Application service module that facilitates authentication into the API.
Syntax
Response = HTTP_Authentication_Services(Service, Param1, Param2, Param3, Param4, Param5, Param6, Param7, Param8, Param9, Param10)
Returns
The meaning of the response value depends on the service.
Parameters
Parameter | Description |
---|---|
Service | The name of the service being requested. Required. |
Param1 - Param10 | Generic parameters. |
Remarks
HTTP_Authentication_Services
is an application service module that handles authentication into the API. By default this service is automatically called within the HTTP_MCP controller routine. It is recommended that this be left in place. If the developer wishes to disable authentication (either temporarily for testing purposes or permanently), it is better to set the Enable Authentication Flag to 0 in the SRP_HTTP_FRAMEWORK_SETUP configuration record.
Authentication is different from authorization (even though HTTP Basic Authentication uses the Authorization request header field) and this is important when building access to the API. Authentication normally means the user’s credentials are valid. However, this does not guarantee that the user has sufficient privileges to access (or modify) the requested resource. This is where authorization comes in. Failure in authentication or authorization can both return a 401 (Unauthorized) status code, but a failed authorization might return a 403 (Forbidden) status code. Web service code that easily retrieve the authentication credentials to make authorization decisions.
Services
Service | Description |
---|---|
AuthenticateRequest | Usage: Comments: Returns: |
CleanUp | Usage: Comments: Returns: |
Param1 - Param10
The proper use of the generic arguments are defined in the definition of each service above.