69 lines
2.7 KiB
Plaintext
69 lines
2.7 KiB
Plaintext
/***********************************************************************
|
|
*
|
|
* Copyright (C) 2006 Novell, Inc. All Rights Reserved.
|
|
*
|
|
* This library is free software; you can redistribute it and/or
|
|
* modify it under the terms of the GNU Lesser General Public
|
|
* License as published by the Free Software Foundation; version 2.1
|
|
* of the License.
|
|
*
|
|
* This library is distributed in the hope that it will be useful,
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
* Library Lesser General Public License for more details.
|
|
*
|
|
* You should have received a copy of the GNU Lesser General Public
|
|
* License along with this library; if not, Novell, Inc.
|
|
*
|
|
* To contact Novell about this file by physical or electronic mail,
|
|
* you may find current contact information at www.novell.com.
|
|
*
|
|
* Author: Juan Carlos Luciani <jluciani@novell.com>
|
|
*
|
|
***********************************************************************/
|
|
/***********************************************************************
|
|
*
|
|
* README for Novell.Casa.Client.Auth CSHARP Library
|
|
*
|
|
***********************************************************************/
|
|
|
|
INTRODUCTION
|
|
|
|
Novell.Casa.Client.Auth CSHARP Library provides a class for CSHARP client
|
|
applications to obtain authentication tokens from the CASA Authentication
|
|
Token Infrastructure.
|
|
|
|
CLIENT APPLICATION PROGRAMMING NOTES
|
|
|
|
The Novell.Casa.Client.Auth.Authtoken class provides static method ObtainAuthToken()
|
|
to allow client applications to obtain CASA Authentication Tokens. The caller must
|
|
supply the name of the service to which it wants to authenticate along with the name
|
|
of the host where it resides to the static method. The returned authentication token
|
|
is a Base64 encoded string.
|
|
|
|
Applications utilizing CASA Authentication Tokens as passwords in protocols that require the
|
|
transfer of user name and password credentials should verify or remove any password length limits
|
|
as the length of CASA Authentication Tokens may be over 1K bytes. The size of the CASA Authentication
|
|
Tokens is directly dependent on the amount of identity information configured as required by the
|
|
consuming service. These applications should also set the user name to "CasaPrincipal".
|
|
|
|
For examples of code which uses the Novell.Casa.Client.Auth.Authtoken class look at the test
|
|
application under the test folder.
|
|
|
|
SECURITY CONSIDERATIONS
|
|
|
|
CASA Authentication Tokens when compromised can be used to either impersonate
|
|
a user or to obtain identity information about the user. Because of this it is
|
|
important that the tokens be secured by applications making use of them. It is
|
|
recommended that the tokens be transmitted using SSL.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|