Notice: This Wiki is now read only and edits are no longer possible. Please see: https://gitlab.eclipse.org/eclipsefdn/helpdesk/-/wikis/Wiki-shutdown-plan for the plan.
Difference between revisions of "CardSync API"
(New page: ==== Data Transfer objects ==== 800x400px =====AccessTokenTO===== public class AccessTokenTO<br> extends java.lang.Object<br> im...) |
|||
| Line 1: | Line 1: | ||
| − | + | {{#eclipseproject:technology.higgins|eclipse_custom_style.css}} | |
| + | |||
| + | [[Image:Higgins_logo_76Wx100H.jpg|right]] | ||
| + | |||
| + | == Data Transfer objects == | ||
[[Image:Org.eclipse.higgins.rpps.sync.ClassDiagram.jpg|800x400px]] | [[Image:Org.eclipse.higgins.rpps.sync.ClassDiagram.jpg|800x400px]] | ||
| − | + | ===AccessTokenTO=== | |
public class AccessTokenTO<br> | public class AccessTokenTO<br> | ||
extends java.lang.Object<br> | extends java.lang.Object<br> | ||
| Line 16: | Line 20: | ||
private java.lang.Integer maxIdleTime Represents max idle time in seconds.<br> | private java.lang.Integer maxIdleTime Represents max idle time in seconds.<br> | ||
| − | + | ===BaseTO=== | |
public class BaseTO<br> | public class BaseTO<br> | ||
| Line 27: | Line 31: | ||
private RevisionTO revision Represents revision information.<br> | private RevisionTO revision Represents revision information.<br> | ||
| − | + | === RevisionTO === | |
public class RevisionTO<br> | public class RevisionTO<br> | ||
extends java.lang.Object<br> | extends java.lang.Object<br> | ||
| Line 37: | Line 41: | ||
private java.lang.Long number Represents revision number.<br> | private java.lang.Long number Represents revision number.<br> | ||
| − | + | === CardTO === | |
public class CardTO | public class CardTO | ||
extends BaseTO | extends BaseTO | ||
| Line 63: | Line 67: | ||
private java.lang.String version Card version.<br> | private java.lang.String version Card version.<br> | ||
| − | + | === MCardTO === | |
public class MCardTO<br>v | public class MCardTO<br>v | ||
extends CardTO<br> | extends CardTO<br> | ||
| Line 76: | Line 80: | ||
private TokenServiceTO[] tokenServices Represents array of security token services.<br> | private TokenServiceTO[] tokenServices Represents array of security token services.<br> | ||
| − | + | === PCardTO === | |
public class PCardTO<br> | public class PCardTO<br> | ||
extends CardTO<br> | extends CardTO<br> | ||
| Line 85: | Line 89: | ||
private byte[] pinDigest Contains the base64 encoded bytes of the SHA1 hash of the pin code<br> | private byte[] pinDigest Contains the base64 encoded bytes of the SHA1 hash of the pin code<br> | ||
| − | + | === ClaimTO === | |
public class ClaimTO<br> | public class ClaimTO<br> | ||
extends java.lang.Object<br> | extends java.lang.Object<br> | ||
| Line 97: | Line 101: | ||
private java.lang.String[] values Represents claim values.<br> | private java.lang.String[] values Represents claim values.<br> | ||
| − | + | === ClaimUiDescriptor === | |
public class ClaimUiDescriptor<br> | public class ClaimUiDescriptor<br> | ||
extends java.lang.Object<br> | extends java.lang.Object<br> | ||
| Line 118: | Line 122: | ||
<br> | <br> | ||
| − | + | === ClaimTypeTO=== | |
public class ClaimTypeTO<br> | public class ClaimTypeTO<br> | ||
extends java.lang.Object<br> | extends java.lang.Object<br> | ||
| Line 130: | Line 134: | ||
private java.lang.String type Represents type URI.<br> | private java.lang.String type Represents type URI.<br> | ||
| − | + | === CardExtensionTO === | |
public class CardExtensionTO<br> | public class CardExtensionTO<br> | ||
extends java.lang.Object<br> | extends java.lang.Object<br> | ||
| Line 140: | Line 144: | ||
private java.lang.String extensionXmlElement Represents extension element data.<br> | private java.lang.String extensionXmlElement Represents extension element data.<br> | ||
| − | + | === StsPrivacyPolicyTO === | |
public class StsPrivacyPolicyTO<br> | public class StsPrivacyPolicyTO<br> | ||
extends java.lang.Object<br> | extends java.lang.Object<br> | ||
| Line 150: | Line 154: | ||
private java.lang.String version STS/IdP privacy policy version.<br> | private java.lang.String version STS/IdP privacy policy version.<br> | ||
| − | + | === TokenServiceTO === | |
public class TokenServiceTO<br> | public class TokenServiceTO<br> | ||
extends java.lang.Object<br> | extends java.lang.Object<br> | ||
| Line 160: | Line 164: | ||
private CredentialDescriptorTO userCredential Represents Token Service credential.<br> | private CredentialDescriptorTO userCredential Represents Token Service credential.<br> | ||
| − | + | === CredentialDescriptorTO === | |
public class CredentialDescriptorTO<br> | public class CredentialDescriptorTO<br> | ||
extends java.lang.Object<br> | extends java.lang.Object<br> | ||
| Line 177: | Line 181: | ||
</ul><br> | </ul><br> | ||
| − | + | === EndpointReferenceTO === | |
public class EndpointReferenceTO<br> | public class EndpointReferenceTO<br> | ||
extends java.lang.Object<br> | extends java.lang.Object<br> | ||
| Line 189: | Line 193: | ||
private java.lang.String metadataXml Represents Metadata element of TokenService.<br> | private java.lang.String metadataXml Represents Metadata element of TokenService.<br> | ||
| − | + | === CardHistoryTO === | |
public class CardHistoryTO<br> | public class CardHistoryTO<br> | ||
extends BaseTO<br> | extends BaseTO<br> | ||
| Line 199: | Line 203: | ||
private WebFormTO form Represents html web form elements.<br> | private WebFormTO form Represents html web form elements.<br> | ||
| − | + | === WebFormTO === | |
public class WebFormTO<br> | public class WebFormTO<br> | ||
extends java.lang.Object<br> | extends java.lang.Object<br> | ||
| Line 211: | Line 215: | ||
private java.net.URI url Represents web page URL.<br> | private java.net.URI url Represents web page URL.<br> | ||
| − | + | === CardCategoryTO === | |
public class CardCategoryTO<br> | public class CardCategoryTO<br> | ||
extends BaseTO<br> | extends BaseTO<br> | ||
| Line 224: | Line 228: | ||
private java.lang.String type Represents category type.<br> | private java.lang.String type Represents category type.<br> | ||
| − | + | === UserProfileTO === | |
public class UserProfileTO<br> | public class UserProfileTO<br> | ||
extends BaseTO<br> | extends BaseTO<br> | ||
| Line 239: | Line 243: | ||
private java.util.Date modifiedTime Represents last updated date.<br> | private java.util.Date modifiedTime Represents last updated date.<br> | ||
| − | + | === CardCredentialTO === | |
public class CardCredentialTO<br> | public class CardCredentialTO<br> | ||
extends BaseTO<br> | extends BaseTO<br> | ||
| Line 247: | Line 251: | ||
private java.lang.String credentialType Represent credential type.<br> | private java.lang.String credentialType Represent credential type.<br> | ||
| − | + | === UsernamePasswordCredentialTO === | |
public class UsernamePasswordCredentialTO<br> | public class UsernamePasswordCredentialTO<br> | ||
extends CardCredentialTO<br> | extends CardCredentialTO<br> | ||
| Line 258: | Line 262: | ||
private java.lang.String username Represents username.<br> | private java.lang.String username Represents username.<br> | ||
| − | + | === PinCredentialTO === | |
public class PinCredentialTO<br> | public class PinCredentialTO<br> | ||
extends CardCredentialTO<br> | extends CardCredentialTO<br> | ||
| Line 267: | Line 271: | ||
private byte[] pinCode Represents pinCode.<br> | private byte[] pinCode Represents pinCode.<br> | ||
| − | + | === UseAlwaysTO === | |
public class UseAlwaysTO<br> | public class UseAlwaysTO<br> | ||
extends BaseTO<br> | extends BaseTO<br> | ||
| Line 276: | Line 280: | ||
private WebFormTO form Represents html web form elements.<br> | private WebFormTO form Represents html web form elements.<br> | ||
| − | + | === CaptchaTO === | |
public class CaptchaTO<br> | public class CaptchaTO<br> | ||
extends BaseTO<br> | extends BaseTO<br> | ||
| Line 285: | Line 289: | ||
private byte[] image Captcha image.<br> | private byte[] image Captcha image.<br> | ||
| − | + | === OperationTO === | |
public class OperationTO<br> | public class OperationTO<br> | ||
extends java.lang.Object<br> | extends java.lang.Object<br> | ||
| Line 301: | Line 305: | ||
<br> | <br> | ||
| − | + | == Exceptions == | |
| − | + | Coming soon. | |
| − | + | == Authentication == | |
Almost all Card Sync Web App methods requres user authentication (excepts addUserProfile, getPasswordResetCode etc). | Almost all Card Sync Web App methods requres user authentication (excepts addUserProfile, getPasswordResetCode etc). | ||
These diagrams illustrate the sequence of interactions between Local ICard Selector and Card Sync Web App. | These diagrams illustrate the sequence of interactions between Local ICard Selector and Card Sync Web App. | ||
| Line 310: | Line 314: | ||
[[Image:AuthenticationULD.jpg|790x400px]] | [[Image:AuthenticationULD.jpg|790x400px]] | ||
| − | + | ===Authentication Process=== | |
1. Get Access Token (Sign on). See [[Selector_Architecture_Harmonization#AccessTokenTO]]<br> | 1. Get Access Token (Sign on). See [[Selector_Architecture_Harmonization#AccessTokenTO]]<br> | ||
1.1 Local ICard Selector contacts the Card Sync Web App, asking for AccessTokenTO by using username/password credential getAccessToken(userIdentifier,password).<br> | 1.1 Local ICard Selector contacts the Card Sync Web App, asking for AccessTokenTO by using username/password credential getAccessToken(userIdentifier,password).<br> | ||
| Line 333: | Line 337: | ||
---- | ---- | ||
| − | + | ===Pass Access Token Identifier with HTTP header "access_token"=== | |
We're going to support Rest API for synchronizing user cards. It assumes to use http GET requests for retrieving protectedn data, so it has to include Access Token Identifier to request url. if we pass Access Token Identifier by using http header, it may be more protected way (of course only with https). | We're going to support Rest API for synchronizing user cards. It assumes to use http GET requests for retrieving protectedn data, so it has to include Access Token Identifier to request url. if we pass Access Token Identifier by using http header, it may be more protected way (of course only with https). | ||
Both Rest and Soap web services would read access token from http headers. | Both Rest and Soap web services would read access token from http headers. | ||
| − | + | ===Encrypt/Decrypt Access Token Identifier=== | |
For prevent unauthorized access, we would encrypt Access Token Identifier by using public user key (on server side) and public server key (on client side). | For prevent unauthorized access, we would encrypt Access Token Identifier by using public user key (on server side) and public server key (on client side). | ||
| − | + | ===Access Token idle timeout=== | |
if Access Token wasn't used more than idle timeout, it will be deleted automatically. | if Access Token wasn't used more than idle timeout, it will be deleted automatically. | ||
| − | + | ===Single sign on === | |
We would support single sign-on/sign-out workflow. it makes sense by secure reason ( and it may be useful for r-card solution). | We would support single sign-on/sign-out workflow. it makes sense by secure reason ( and it may be useful for r-card solution). | ||
| − | + | === Authentication with OpenId, X509Certificate, ...=== | |
For supporting new authentication type we have to add just one method getAccessToken(new credential data ). | For supporting new authentication type we have to add just one method getAccessToken(new credential data ). | ||
| − | + | == JAX-RS API == | |
| − | + | Coming soon. | |
| − | + | ||
| − | + | ||
| − | === | + | === Resources === |
| − | + | Coming soon. | |
| − | + | ||
| − | + | ||
| − | + | ||
| − | + | ||
| − | + | ||
| − | ===== | + | ==== MCard ==== |
| − | ===== | + | ==== PCard ==== |
| + | ==== CardHistory ==== | ||
| + | ==== CardCategory ==== | ||
| + | ==== CardCredential ==== | ||
| + | ==== UseAlways ==== | ||
| + | ==== UserProfile ==== | ||
| − | === | + | === WADL === |
| − | === | + | === Serializable formats === |
| − | ====== Google protobuf (application/x-protobuf) | + | ==== XML(application/xml) ==== |
| + | ==== JSON(application/json) ==== | ||
| + | |||
| + | ==== Google protobuf (application/x-protobuf) ==== | ||
http://code.google.com/p/protobuf/ | http://code.google.com/p/protobuf/ | ||
| − | + | ==== X3 (application/x3) ==== | |
| + | |||
| + | == JAX-WS API == | ||
| + | Coming soon. | ||
| − | + | === WSDL === | |
| − | + | === Serializable formats === | |
| − | + | === SOAP (application/soap+xml) ==== | |
| − | + | ||
| − | + | ||
| − | + | == Sequences == | |
| − | + | === Synchronize card === | |
| − | + | === Synchronize card history === | |
| − | + | === Synchronize card category === | |
| − | + | === Synchronize user profile === | |
Revision as of 17:02, 31 January 2009
{{#eclipseproject:technology.higgins|eclipse_custom_style.css}}
Contents
- 1 Data Transfer objects
- 1.1 AccessTokenTO
- 1.2 BaseTO
- 1.3 RevisionTO
- 1.4 CardTO
- 1.5 MCardTO
- 1.6 PCardTO
- 1.7 ClaimTO
- 1.8 ClaimUiDescriptor
- 1.9 ClaimTypeTO
- 1.10 CardExtensionTO
- 1.11 StsPrivacyPolicyTO
- 1.12 TokenServiceTO
- 1.13 CredentialDescriptorTO
- 1.14 EndpointReferenceTO
- 1.15 CardHistoryTO
- 1.16 WebFormTO
- 1.17 CardCategoryTO
- 1.18 UserProfileTO
- 1.19 CardCredentialTO
- 1.20 UsernamePasswordCredentialTO
- 1.21 PinCredentialTO
- 1.22 UseAlwaysTO
- 1.23 CaptchaTO
- 1.24 OperationTO
- 2 Exceptions
- 3 Authentication
- 4 JAX-RS API
- 5 JAX-WS API
- 6 Sequences
Data Transfer objects
AccessTokenTO
public class AccessTokenTO
extends java.lang.Object
implements java.io.Serializable
AccessToken transfer object. See Selector_Architecture_Harmonization#Authentication
private java.lang.String id Represents token identifier.
private java.util.Date issuedTime Represents issued date time.
private java.lang.Integer maxIdleTime Represents max idle time in seconds.
BaseTO
public class BaseTO
extends java.lang.Object
implements java.io.Serializable
Base transfer object. All resources should extend it.
private java.lang.String id Represents unique resource server identifier.
private RevisionTO revision Represents revision information.
RevisionTO
public class RevisionTO
extends java.lang.Object
implements java.io.Serializable
Resource revision transfer object.
private java.util.Date modifiedTime Represents last modified date.
private java.lang.Long number Represents revision number.
CardTO
public class CardTO extends BaseTO implements java.io.Serializable
Card transfer object.
private java.lang.String cardId Represents card identifier.
private ClaimTO[] claims Card claims.
private java.util.Date expiredTime Card expired date.
private CardExtensionTO[] extensions Card extensions.
private byte[] hashSalt Card hash salt.
private byte[] image Card image.
private java.lang.String imageType Card image mime type.
private java.util.Date issuedTime Issued(created) time.
private java.lang.String issuer Card issuer name.
private byte[] issuerID Card issuer identifier.
private java.lang.String issuerName Human friendly card issuer name.
private java.util.Date lastUpdatedTime Last card updated date.
private byte[] masterKey Card master key.
private java.lang.String name Human friendly card name.
private java.lang.Boolean selfIssued Is card self issued.
private ClaimTypeTO[] supportedClaimTypes Represents array of all possible types of claim that are supported.
private java.lang.String[] supportedTokenTypes Represents arrays of token types which can be provided for this card.
private java.lang.String version Card version.
MCardTO
public class MCardTO
v
extends CardTO
implements java.io.Serializable
Managed card transfer object.
private java.lang.String ic07IssuerInformation Represents /ic07:IssuerInformation extension element
private java.lang.Boolean requireAppliesTo Represents requireAppliesTo card element.
private java.lang.Boolean strongRecipientIdentityRequired Represents /ic07:RequireStrongRecipientIdentity extension element If true than Selector MUST only allow the card to be used at a Relying Party that presents a cryptographically protected identity X.509v3 certificate.
private StsPrivacyPolicyTO stsPrivacyPolicyTO STS/IdP privacy policy
private TokenServiceTO[] tokenServices Represents array of security token services.
PCardTO
public class PCardTO
extends CardTO
implements java.io.Serializable
Personal card transfer object.
private byte[] pinDigest Contains the base64 encoded bytes of the SHA1 hash of the pin code
ClaimTO
public class ClaimTO
extends java.lang.Object
implements java.io.Serializable
Card claim transfer object.
private ClaimTO[] claims Contains sub-claims if claim is complex claim.
private ClaimTypeTO claimType Represents claim type
private ClaimUiDescriptor claimUiDescriptor Represents meta information for building user friendly claim editor.
private java.lang.String[] values Represents claim values.
ClaimUiDescriptor
public class ClaimUiDescriptor
extends java.lang.Object
implements java.io.Serializable
Claim user interface descriptor transfer object. Has meta information for building user friendly claim editor.
private java.lang.String inputMask Might contain input mask for formating claim value on client side.
private java.lang.String[] optionalValues Should contain possible optional values If type equal 4 (TYPE_COMBOBOX ).
private java.lang.String pattern Might contain regular express for validating user input on client side.
private java.lang.String type Defines claim editor type.
- TextField GUI component type TYPE_TEXTFILED = 0;
- TextArea GUI component type TYPE_TEXTAREA = 1;
- FileChooser GUI component type TYPE_FILE = 2;
- CheckField GUI component type TYPE_CHECKBOX = 3;
- ComboBox GUI component type TYPE_COMBOBOX = 4;
- Date(time) GUI component type TYPE_DATETIME = 5.
ClaimTypeTO
public class ClaimTypeTO
extends java.lang.Object
implements java.io.Serializable
ClaimType transfer object.
private java.lang.String description Represents description.
private java.lang.String displayName Represents the human friendly name.
private java.lang.Boolean isSimple Determines whether corresponding IClaim is simple or complex.
private java.lang.String type Represents type URI.
CardExtensionTO
public class CardExtensionTO
extends java.lang.Object
implements java.io.Serializable
CardExtension transfer object.
private java.lang.Boolean enabled Is extension enabled.
private java.lang.String extensionXmlElement Represents extension element data.
StsPrivacyPolicyTO
public class StsPrivacyPolicyTO
extends java.lang.Object
implements java.io.Serializable
STS/IdP privacy policy transfer object.
private java.lang.String url STS/IdP privacy policy url.
private java.lang.String version STS/IdP privacy policy version.
TokenServiceTO
public class TokenServiceTO
extends java.lang.Object
implements java.io.Serializable
Token service transfer object.
private EndpointReferenceTO endpointReference Represents Token Service endpoint.
private CredentialDescriptorTO userCredential Represents Token Service credential.
CredentialDescriptorTO
public class CredentialDescriptorTO
extends java.lang.Object
implements java.io.Serializable
Token service credential descriptor transfer object.
private java.lang.String credentialXmlElement Represent xml element.
private java.lang.String displayCredentialHint Represent user friendly credential hint.
private java.lang.String type Represent credential type.
- SelfIssuedCredential;
- X509V3Credential
- KerberosV5Credential
- UsernamePasswordCredential
EndpointReferenceTO
public class EndpointReferenceTO
extends java.lang.Object
implements java.io.Serializable
Token service Endpoint reference transfer object.
private java.net.URI address Represents address.
private java.lang.String identityXml Represents Identity element of TokenService.
private java.net.URI metadataAddress Represents Metadata Address URI if Metadata contains it.
private java.lang.String metadataXml Represents Metadata element of TokenService.
CardHistoryTO
public class CardHistoryTO
extends BaseTO
implements java.io.Serializable
Card history transfer object.
private java.util.Date date Represents date time of card usage.
private WebFormTO form Represents html web form elements.
WebFormTO
public class WebFormTO
extends java.lang.Object
implements java.io.Serializable
Web form transfer object.
private java.lang.String formAction Represents html form action element.
private java.lang.String formId Represents html form id element.
private java.lang.String formName Represents html form name element.
private java.net.URI url Represents web page URL.
CardCategoryTO
public class CardCategoryTO
extends BaseTO
implements java.io.Serializable
Card category transfer object.
private java.lang.String[] cuids Represents associated card id array.
private int idx Represents category index.
private java.lang.String name Represents category name.
private java.lang.String parentId Represents parent category identifier.
private java.lang.String type Represents category type.
UserProfileTO
public class UserProfileTO
extends BaseTO
implements java.io.Serializable
User profile transfer object.
private java.util.Date createdTime Represents user account created date.
private java.lang.String email Represents user email address.
private java.lang.String firstName Represents user first name.
private java.lang.String lastName Represents user last name.
private java.lang.String loginName Represents user login name.
private java.lang.String mobile Represents user mobile number.
private java.util.Date modifiedTime Represents last updated date.
CardCredentialTO
public class CardCredentialTO
extends BaseTO
implements java.io.Serializable
Card credential transfer object.
private java.lang.String credentialType Represent credential type.
UsernamePasswordCredentialTO
public class UsernamePasswordCredentialTO
extends CardCredentialTO
implements java.io.Serializable
UsernamePasswordCredential credential transfer object. It needs for supporting auto-login.
private java.net.URI tsAddress Represents STS/IdP addres.
private java.net.URI tsMetadataAddress Represents STS/IdP meta address
private java.lang.String username Represents username.
PinCredentialTO
public class PinCredentialTO
extends CardCredentialTO
implements java.io.Serializable
PinCredential transfer object.
private byte[] pinCode Represents pinCode.
UseAlwaysTO
public class UseAlwaysTO
extends BaseTO
implements java.io.Serializable
UseAlways transfer object. It needs for supporting auto-login.
private WebFormTO form Represents html web form elements.
CaptchaTO
public class CaptchaTO
extends BaseTO
implements java.io.Serializable
Captcha transfer object. It needs for password-reset workflow.
private byte[] image Captcha image.
OperationTO
public class OperationTO
extends java.lang.Object
implements java.io.Serializable
Log operation transfer object.
- Persist
- Delete
- DeleteAll
private BaseTO resource Represents resource. It might be null for "Delete".
private java.lang.String resourceId Represents server resource identifier. It might be null for "DeleteAll".
private java.lang.String resourceType Represents resource type.
Exceptions
Coming soon.
Authentication
Almost all Card Sync Web App methods requres user authentication (excepts addUserProfile, getPasswordResetCode etc).
These diagrams illustrate the sequence of interactions between Local ICard Selector and Card Sync Web App.
Authentication Process
1. Get Access Token (Sign on). See Selector_Architecture_Harmonization#AccessTokenTO
1.1 Local ICard Selector contacts the Card Sync Web App, asking for AccessTokenTO by using username/password credential getAccessToken(userIdentifier,password).
1.2 Card Sync Web App invokes authenticate(userIdentifier, password) Card Sync Service method.
1.3 Card Sync Service delegate authentication to ILoginService (JAAS).
1.4 if ILoginService may authenticate user it return UserAccout instance (it needs for accessing protected data).
1.5 Card Sync Web App invokes buildAccessToken(userAccount) Card Sync Service method for generating AccessToken.
1.6 Card Sync Service builds and stores AccessToken.
1.7 Card Sync Web App return AccessTokenTO to Local ICard Selector.
2. Get user protected data.
2.1 Local ICard Selector asking Card Sync Web App for protected data by using Access Token Identifier (AccessTokenTO.id).
2.2 Card Sync Web App delegate validation of Access Token Identifier to Card Sync Service checkAccessToken(AccessTokenTO.id).
2.3 if Access Token Identifier is valid Card Sync Service return AccessToken.
2.4 Card Sync Web App retrieve protected data by using AccessToken.
2.5 Card Sync Web App return protected data to Local ICard Selector.
3. Delete Access Token (Sign out).
3.1 Local ICard Selector has to invoke deleteAccessToken(AccessTokenTO.id) Card Sync Web App method.
3.2 Card Sync Web App delegates it to Card Sync Service by using deleteAccessToken(id) method.
Pass Access Token Identifier with HTTP header "access_token"
We're going to support Rest API for synchronizing user cards. It assumes to use http GET requests for retrieving protectedn data, so it has to include Access Token Identifier to request url. if we pass Access Token Identifier by using http header, it may be more protected way (of course only with https).
Both Rest and Soap web services would read access token from http headers.
Encrypt/Decrypt Access Token Identifier
For prevent unauthorized access, we would encrypt Access Token Identifier by using public user key (on server side) and public server key (on client side).
Access Token idle timeout
if Access Token wasn't used more than idle timeout, it will be deleted automatically.
Single sign on
We would support single sign-on/sign-out workflow. it makes sense by secure reason ( and it may be useful for r-card solution).
Authentication with OpenId, X509Certificate, ...
For supporting new authentication type we have to add just one method getAccessToken(new credential data ).
JAX-RS API
Coming soon.
Resources
Coming soon.
MCard
PCard
CardHistory
CardCategory
CardCredential
UseAlways
UserProfile
WADL
Serializable formats
XML(application/xml)
JSON(application/json)
Google protobuf (application/x-protobuf)
http://code.google.com/p/protobuf/
X3 (application/x3)
JAX-WS API
Coming soon.