OpenSSO has an "extended" set of webservices (REST) interfaces that enables applications to interface with openSSO a piece of cake. The following table lists the REST URL's and their operations and parameters:
The following code snippet shows how you can authenticate against openSSO using the REST interface and obtain an openSSO token for a user.
<%
url = "http://localhost:8080/opensso/identity/authenticate";
String username = "rpinto";
String password = "testpass";
java.net.URL iurl = new java.net.URL(url);
java.net.URLConnection connection = iurl.openConnection();
connection.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
// Send POST output.
connection.setRequestMethod("POST");
java.io.DataOutputStream printout = new java.io.DataOutputStream(connection.getOutputStream ());
String content = "username=" + java.net.URLEncoder.encode (username) +
"&password=" + java.net.URLEncoder.encode (password);
printout.writeBytes (content);
printout.flush (); printout.close ();
java.io.BufferedReader reader = new java.io.BufferedReader(new java.io.InputStreamReader(
(java.io.InputStream) connection.getContent()));
out.println("<h2>Successful Authentication using REST</h2>");
String line;
while ((line = reader.readLine()) != null) {
out.println(line + "<br>");
int index = line.indexOf("token");
if (index != -1) {
token = line.substring(9);
}
}
%>
This code opens an HTTP URL connection and performs a POST operation with the user name and password before displaying the response in the browser.
The request on the wire reads as follows:
POST /opensso/authenticate HTTP/1.1
Host: localhost
User-Agent: Mozilla/4.0
Content-Length: 27
Content-Type: application/x-www-form-urlencoded
username=rpinto&password=testpass
And the response would be—
token.id=AQIC5wM2LY4SfcykUxffyyVGC6k9vHhe7JcyrhHbmlpVZPI=@AAJTSQACMDE=#f