CASA/CASA-auth-token/client/csharp-api
2007-04-13 19:21:40 +00:00
..
Novell.Casa.Authtoken Added flush AuthToken cache API. 2007-04-13 19:21:40 +00:00
test Added flush AuthToken cache API. 2007-04-13 19:21:40 +00:00
README Separated the non-java project into client and server projects 2006-11-13 06:32:58 +00:00
TODO Separated the non-java project into client and server projects 2006-11-13 06:32:58 +00:00

/***********************************************************************
 * 
 *  Copyright (C) 2006 Novell, Inc. All Rights Reserved.
 *
 *  This library is free software; you can redistribute it and/or
 *  modify it under the terms of the GNU Lesser General Public
 *  License as published by the Free Software Foundation; version 2.1
 *  of the License.
 *
 *  This library is distributed in the hope that it will be useful,
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 *  Library Lesser General Public License for more details.
 *
 *  You should have received a copy of the GNU Lesser General Public
 *  License along with this library; if not, Novell, Inc.
 * 
 *  To contact Novell about this file by physical or electronic mail, 
 *  you may find current contact information at www.novell.com.
 * 
 *  Author: Juan Carlos Luciani <jluciani@novell.com>
 *
 ***********************************************************************/
/***********************************************************************
 *
 *  README for Novell.Casa.Client.Auth CSHARP Library
 *
 ***********************************************************************/

INTRODUCTION

Novell.Casa.Client.Auth CSHARP Library provides a class for CSHARP client
applications to obtain authentication tokens from the CASA Authentication
Token Infrastructure.

CLIENT APPLICATION PROGRAMMING NOTES

The Novell.Casa.Client.Auth.Authtoken class provides static method ObtainAuthToken()
to allow client applications to obtain CASA Authentication Tokens. The caller must
supply the name of the service to which it wants to authenticate along with the name
of the host where it resides to the static method. The returned authentication token
is a Base64 encoded string.

Applications utilizing CASA Authentication Tokens as passwords in protocols that require the
transfer of user name and password credentials should verify or remove any password length limits
as the length of CASA Authentication Tokens may be over 1K bytes. The size of the CASA Authentication
Tokens is directly dependent on the amount of identity information configured as required by the
consuming service. These applications should also set the user name to "CasaPrincipal".

For examples of code which uses the Novell.Casa.Client.Auth.Authtoken class look at the test
application under the test folder.

SECURITY CONSIDERATIONS

CASA Authentication Tokens when compromised can be used to either impersonate
a user or to obtain identity information about the user. Because of this it is
important that the tokens be secured by applications making use of them. It is
recommended that the tokens be transmitted using SSL.