Child pages
  • HTTP login service backend-requests API

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

A request to an authentication URL is a HTTPS POST request

Code Block

POST /my/authentication/service HTTP/1.1
Host: auth.my.domain
Content-Type: application/x-www-form-urlencoded

user=<user>&passwd=<passwd>

...

An authentication must respond to an authentication request with an HTTP response with

Code Block

Content-Type: text/plain; charset=utf-8

and on of the following status codes:

Code Block

200 OK - successful authentication
401403 UnauthorizedForbidden - if nothe user and passwd fields are given in the POST data.
403 Forbidden - if the user name or the password is wrongname or the password is wrong or no user and passwd field ist given.
406 Not Acceptable - The status, which will be returned after to many unsuccessful authentications.

The body of the response *must* no contain more than 1024 bytes and should contain a short, information text message encoded in UTF-8. The text message will be logged by the gwt-http-login-service bundle and will not be displayed to the user.

 The server may enforce the use of HTTP basic authentication in order to keep offending servers away from dictionary attacks.