login
Login starts a session and (optionally) validates a user.
If records or entire databases are protected by some type of user authentication, wwwopac.ashx needs to be called with a user name, password and optionally a domain to start a session for the user, to determine which access rights this user has and to apply them.
From wwwopac.ashx 3.6.272.0 up to 3.6.1224, user authentication has to be set up in the web.config file for the Internet Server, and the authentication details are stored per user, either in an Axiell Collections database, Active Directory or a SQL Server membership database. From wwwopac.ashx 3.6.1225 however, user authentication has to be set up in the adlibweb.xml file (again), and the authentication details are stored per user, either in an Axiell Collections database or Active Directory. Although there are two (or three) types of user authentication, login always has to be explicit. The format of the login request is the same for all methods.
To log in, provide at least a user name and password; submitted domains (and roles) are currently not used by wwwopac.ashx to apply access rights. In the XML reply from a login, the user name, possibly a domain, any user groups/roles (the latter in <group>
nodes) and any mapped fields are retrieved.
If more than one <authenticationConfiguration>
section has been specified in adlibweb.xml, then on login those sections will be read consecutively from top to bottom to collect all user authentication details from all these sources (as far as the submitted login details apply to a source) and deliver those as a reply in a single record in Axiell AdlibXML format to the client. This means it might be possible to login with your Windows user name and password, as well as with your borrower details, depending on the setup in adlibweb.xml. Do realise that the reply can be different: logging in with borrower details will return the default groups set in the <authenticationConfiguration>
plus any groups from a groups field (if specified), whilst logging in with a Windows user name and password will return the Active Directory domains for that user plus the default groups: groups from a groups field will only be returned this way if the Windows user name is the same as the borrower name. (When you do not specify the domain in a login request, all AD groups/roles for a user are returned in the XML. If a domain is specified in the request, only the roles for that domain are returned in the XML.) If the Windows user name equals the borrower name, logging in with your Windows credentials retrieves groups from both Active Directory and the borrower database, as well as the default groups.
A typical response from logging in with Windows credentials would be:
<?xml version="1.0" encoding="UTF-8" ?> <adlibXML> <recordList> <record> <userName>erik</userName> <domain/> <group>Admin</group> <group>SDIUser</group> <group>Reserver</group> <group>Borrower</group> <group>Employee</group> <firstName>Erik</firstName> <lastName>Lange</lastName> <email>noreply@adlibsoft.com</email> <borrower_name>erik</borrower_name> <borrower_number>348</borrower_number> </record> </recordList> <diagnostic> <hits>1</hits> <xmltype>Unstructured</xmltype> </diagnostic> </adlibXML>
As in the current version, prior to version 3.6.272.0 authentication had to be set up in the authenticationConfiguration
option in adlibweb.xml, instead of in web.config. If the option had been set to windows
(not available in current version), then the user name, password and domain did not need to be sent along with the call explicitly because this login data was stored in Active directory user accounts and would automatically be used (implicitly) when calling wwwopac.ashx.
Syntax
command=login&<parameter>=<value>&...
- username (String) [optional] name of the user to log in.
- password (String) [optional] password for the user.
- domain (String) [optional] a domain (e.g. a branch or location) in which a user role is valid.
- no Adlib.Data-specific syntax or examples available yet -
- no jQuery-specific syntax or examples available yet -