Authorization Web Service

Description Authorization services
Namespace http://portwise.com/ws/v1/authorization
Endpoint https://<hostname>/ws/v1/services/Authorization
Style Document/Literal
WSDL https://<host>/ws/v1/services/Authorization?wsdl
Since 5.2
See also Authentication

Verifies access to resources for a subject. The access decision depends on how the resource is configured. The rules determining access may contain limitation based on a time schedule, certain IP addresses or multiple authentication mechanisms. It is not required to be authenticated before using authorization so it may be used in an on-demand environment, such as a web application that prompts for authentication when accessing a protected page.

Endpoint Services


Name authorize
Description Verifies access to a resource for a specific subject.
Input
subject a Subject representing the entity to be authorized, which must contain a locale and may contain principals from a previous authentication request.
resource a string with the URI for the resource to verify access to. The fully qualified URI must be entered, including any port number. A web resource example: "http://www.acme.com:80/myresource".
attributes a List<MapItem> containing extra authorization attributes, such as the subject's IP address or similar, required for the authorization to determine access. The contents of the attributes depends on the authorization configuration and may contain multiple values for the same key. If no attributes are required the attributes may be set to null.

Attribute names:

device Storage key of device
encryption SSL encryption strength, in bits
clientip IP address in dot notation
Output None.
Since 5.2
Faults
WSException if a general error occurs.
AuthorizationException if access requires authentication or access is denied.

Java Example

The example illustrates how to make an authorization request for a web resource providing information on client strength of SSL encryption. Error handling and call to Authenticate omitted. 

    // Locate authorize web service
    AuthorizeService locator = new AuthorizeService();
    Authorize service = locator.getAuthorization();

    // Set SSL encryption strength in use
    List<MapItem> attribs = new ArrayList<>();
    MapItem encryption = new MapItem();
    encryption.setKey("encryption");
    encryption.setValue("128".getBytes(StandardCharsets.UTF_8));
    attribs.add(encryption);

    // Execute authorization
    service.authorize(subject, "http://www.acme.com:80/myresource", attribs);

Copyright © 1999-2023, Technology Nexus Secured Business Solutions AB. All rights reserved.