http://api.toxbank.net/index.php?title=OpenTox_API_1.2_A%26A&feed=atom&action=historyOpenTox API 1.2 A&A - Revision history2024-03-29T12:43:15ZRevision history for this page on the wikiMediaWiki 1.17.0http://api.toxbank.net/index.php?title=OpenTox_API_1.2_A%26A&diff=706&oldid=prevMrautenberg at 11:00, 9 December 20112011-12-09T11:00:08Z<p></p>
<table style="background-color: white; color:black;">
<col class='diff-marker' />
<col class='diff-content' />
<col class='diff-marker' />
<col class='diff-content' />
<tr valign='top'>
<td colspan='2' style="background-color: white; color:black;">← Older revision</td>
<td colspan='2' style="background-color: white; color:black;">Revision as of 11:00, 9 December 2011</td>
</tr><tr><td colspan="2" class="diff-lineno">Line 22:</td>
<td colspan="2" class="diff-lineno">Line 22:</td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>|}<p><sup>1</sup> URI-encoded: <strong>YES</strong><br> Note: all parameters are <strong>form</strong> parameters.</p><p><strong>(b1)</strong></p></div></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>|}<p><sup>1</sup> URI-encoded: <strong>YES</strong><br> Note: all parameters are <strong>form</strong> parameters.</p><p><strong>(b1)</strong></p></div></td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>{| class="wikitable"</div></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>{| class="wikitable"</div></td></tr>
<tr><td class='diff-marker'>−</td><td style="background: #ffa; color:black; font-size: smaller;"><div>| <p class="TableContents">Desired action</p></div></td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div>| <p class="TableContents"><ins class="diffchange diffchange-inline">'''</ins>Desired action<ins class="diffchange diffchange-inline">'''</ins></p></div></td></tr>
<tr><td class='diff-marker'>−</td><td style="background: #ffa; color:black; font-size: smaller;"><div>| <p class="TableContents">URL</p></div></td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div>| <p class="TableContents"><ins class="diffchange diffchange-inline">'''</ins>URL<ins class="diffchange diffchange-inline">'''</ins></p></div></td></tr>
<tr><td class='diff-marker'>−</td><td style="background: #ffa; color:black; font-size: smaller;"><div>| <p class="TableContents">Parameters</p></div></td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div>| <p class="TableContents"><ins class="diffchange diffchange-inline">'''</ins>Parameters<ins class="diffchange diffchange-inline">'''</ins></p></div></td></tr>
<tr><td class='diff-marker'>−</td><td style="background: #ffa; color:black; font-size: smaller;"><div>| <p class="TableContents">Return values (conditions)</p></div></td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div>| <p class="TableContents"><ins class="diffchange diffchange-inline">'''</ins>Return values (conditions)<ins class="diffchange diffchange-inline">'''</ins></p></div></td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>|-  </div></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>|-  </div></td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>| <p class="TableContents">All</p></div></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>| <p class="TableContents">All</p></div></td></tr>
</table>Mrautenberghttp://api.toxbank.net/index.php?title=OpenTox_API_1.2_A%26A&diff=705&oldid=prevMrautenberg at 10:59, 9 December 20112011-12-09T10:59:21Z<p></p>
<table style="background-color: white; color:black;">
<col class='diff-marker' />
<col class='diff-content' />
<col class='diff-marker' />
<col class='diff-content' />
<tr valign='top'>
<td colspan='2' style="background-color: white; color:black;">← Older revision</td>
<td colspan='2' style="background-color: white; color:black;">Revision as of 10:59, 9 December 2011</td>
</tr><tr><td colspan="2" class="diff-lineno">Line 33:</td>
<td colspan="2" class="diff-lineno">Line 33:</td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>|}<p><sup>1</sup> URI-encoded: <strong>YES</strong><br>Note: all parameters are <strong>form</strong> parameters.</p><p><strong>(b2)</strong></p></div></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>|}<p><sup>1</sup> URI-encoded: <strong>YES</strong><br>Note: all parameters are <strong>form</strong> parameters.</p><p><strong>(b2)</strong></p></div></td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>{| class="wikitable"</div></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>{| class="wikitable"</div></td></tr>
<tr><td class='diff-marker'>−</td><td style="background: #ffa; color:black; font-size: smaller;"><div>| <p class="TableContents">Desired action</p></div></td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div>| <p class="TableContents"><ins class="diffchange diffchange-inline">'''</ins>Desired action<ins class="diffchange diffchange-inline">'''</ins></p></div></td></tr>
<tr><td class='diff-marker'>−</td><td style="background: #ffa; color:black; font-size: smaller;"><div>| <p class="TableContents">URL</p></div></td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div>| <p class="TableContents"><ins class="diffchange diffchange-inline">'''</ins>URL<ins class="diffchange diffchange-inline">'''</ins></p></div></td></tr>
<tr><td class='diff-marker'>−</td><td style="background: #ffa; color:black; font-size: smaller;"><div>| <p class="TableContents">Parameters</p></div></td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div>| <p class="TableContents"><ins class="diffchange diffchange-inline">'''</ins>Parameters<ins class="diffchange diffchange-inline">'''</ins></p></div></td></tr>
<tr><td class='diff-marker'>−</td><td style="background: #ffa; color:black; font-size: smaller;"><div>| <p class="TableContents">Return values (conditions)</p></div></td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div>| <p class="TableContents"><ins class="diffchange diffchange-inline">'''</ins>Return values (conditions)<ins class="diffchange diffchange-inline">'''</ins></p></div></td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>|-  </div></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>|-  </div></td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>| <p class="TableContents">Authorization</p></div></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>| <p class="TableContents">Authorization</p></div></td></tr>
<tr><td colspan="2" class="diff-lineno">Line 44:</td>
<td colspan="2" class="diff-lineno">Line 44:</td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>|}<p><sup>1</sup> URI-encoded: <strong>YES</strong><br>Note: all parameters are <strong>form</strong> parameters.<br><sup></sup></p><h3>Background</h3><p>Authentication: client authenticates against OpenSSO and obtains a token. The user data is drawn from the LDAP backend that also the Plone website uses.</p><p>Authorisation: Token is used to permit or deny a client a specific action. The token encodes conjunction of user and point of time and has a certain lifetime. If token is authorized for the action according to current server policy, the webservice performs the action.</p><p>To access a restricted/protected service, only tokens NOT credentials should be passed to the respective service (e.g. descriptor calculation)</p><p>&nbsp;</p><p>The OpenTox API needs modification in some places and the introduction of some new components. We have two cases:</p><blockquote dir="ltr"><p>(a) Authentication against OpenSSO: should be done by the client application<br>(b) Authorisation against OpenSSO for resource and action combinations</p></blockquote><p>For (1), we need to transmit user credentials and obtain a token, while part (b) can be decomposed into:</p><blockquote dir="ltr"><p>(b1) Client authorisation request to the webservice: should be done by the client application <br>(b2) Authorisation request confirmation from webservice to OpenSSO: should be done by the webservice.</p></blockquote><p>&nbsp;See&nbsp; [http://www.opentox.org/data/documents/development/opentoxreports/opentoxreportd33 documentation]</p><hr><h2>Policy REST operations</h2></div></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>|}<p><sup>1</sup> URI-encoded: <strong>YES</strong><br>Note: all parameters are <strong>form</strong> parameters.<br><sup></sup></p><h3>Background</h3><p>Authentication: client authenticates against OpenSSO and obtains a token. The user data is drawn from the LDAP backend that also the Plone website uses.</p><p>Authorisation: Token is used to permit or deny a client a specific action. The token encodes conjunction of user and point of time and has a certain lifetime. If token is authorized for the action according to current server policy, the webservice performs the action.</p><p>To access a restricted/protected service, only tokens NOT credentials should be passed to the respective service (e.g. descriptor calculation)</p><p>&nbsp;</p><p>The OpenTox API needs modification in some places and the introduction of some new components. We have two cases:</p><blockquote dir="ltr"><p>(a) Authentication against OpenSSO: should be done by the client application<br>(b) Authorisation against OpenSSO for resource and action combinations</p></blockquote><p>For (1), we need to transmit user credentials and obtain a token, while part (b) can be decomposed into:</p><blockquote dir="ltr"><p>(b1) Client authorisation request to the webservice: should be done by the client application <br>(b2) Authorisation request confirmation from webservice to OpenSSO: should be done by the webservice.</p></blockquote><p>&nbsp;See&nbsp; [http://www.opentox.org/data/documents/development/opentoxreports/opentoxreportd33 documentation]</p><hr><h2>Policy REST operations</h2></div></td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>{| class="wikitable"</div></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>{| class="wikitable"</div></td></tr>
<tr><td class='diff-marker'>−</td><td style="background: #ffa; color:black; font-size: smaller;"><div>| <p class="TabellenInhalt">Desired action</p></div></td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div>| <p class="TabellenInhalt"><ins class="diffchange diffchange-inline">'''</ins>Desired action<ins class="diffchange diffchange-inline">'''</ins></p></div></td></tr>
<tr><td class='diff-marker'>−</td><td style="background: #ffa; color:black; font-size: smaller;"><div>| <p class="TabellenInhalt">URL</p></div></td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div>| <p class="TabellenInhalt"><ins class="diffchange diffchange-inline">'''</ins>URL<ins class="diffchange diffchange-inline">'''</ins></p></div></td></tr>
<tr><td class='diff-marker'>−</td><td style="background: #ffa; color:black; font-size: smaller;"><div>| <p class="TabellenInhalt">Parameters</p></div></td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div>| <p class="TabellenInhalt"><ins class="diffchange diffchange-inline">'''</ins>Parameters<ins class="diffchange diffchange-inline">'''</ins></p></div></td></tr>
<tr><td class='diff-marker'>−</td><td style="background: #ffa; color:black; font-size: smaller;"><div>| <p class="TabellenInhalt">Return values (conditions)</p></div></td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div>| <p class="TabellenInhalt"><ins class="diffchange diffchange-inline">'''</ins>Return values (conditions)<ins class="diffchange diffchange-inline">'''</ins></p></div></td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>|-  </div></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>|-  </div></td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>| <p class="TabellenInhalt">Create a policy</p></div></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>| <p class="TabellenInhalt">Create a policy</p></div></td></tr>
</table>Mrautenberghttp://api.toxbank.net/index.php?title=OpenTox_API_1.2_A%26A&diff=704&oldid=prevMrautenberg at 10:04, 9 December 20112011-12-09T10:04:24Z<p></p>
<table style="background-color: white; color:black;">
<col class='diff-marker' />
<col class='diff-content' />
<col class='diff-marker' />
<col class='diff-content' />
<tr valign='top'>
<td colspan='2' style="background-color: white; color:black;">← Older revision</td>
<td colspan='2' style="background-color: white; color:black;">Revision as of 10:04, 9 December 2011</td>
</tr><tr><td colspan="2" class="diff-lineno">Line 1:</td>
<td colspan="2" class="diff-lineno">Line 1:</td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div><p>Listed below are relevant REST operations. Please see the&nbsp; [http://www.opentox.org/data/documents/development/opentoxreports/opentoxreportd33 documentation] for more information.</p><h2>A REST operations</h2><p><strong>(a)</strong></p></div></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div><p>Listed below are relevant REST operations. Please see the&nbsp; [http://www.opentox.org/data/documents/development/opentoxreports/opentoxreportd33 documentation] for more information.</p><h2>A REST operations</h2><p><strong>(a)</strong></p></div></td></tr>
<tr><td class='diff-marker'>−</td><td style="background: #ffa; color:black; font-size: smaller;"><div>{| <del class="diffchange diffchange-inline"> </del>class="<del class="diffchange diffchange-inline">plain</del>"<del class="diffchange diffchange-inline"><tbody> </del></div></td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div>{| class="<ins class="diffchange diffchange-inline">wikitable</ins>"</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>| <p class="TableContents"><strong>Desired action</strong></p></div></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>| <p class="TableContents"><strong>Desired action</strong></p></div></td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>| <p class="TableContents"><strong>URL</strong></p></div></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>| <p class="TableContents"><strong>URL</strong></p></div></td></tr>
<tr><td colspan="2" class="diff-lineno">Line 19:</td>
<td colspan="2" class="diff-lineno">Line 19:</td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>| <p class="TableContents">POST on /auth/logout</p></div></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>| <p class="TableContents">POST on /auth/logout</p></div></td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>| <p class="TableContents">subjectid<sup>1</sup></p></div></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>| <p class="TableContents">subjectid<sup>1</sup></p></div></td></tr>
<tr><td class='diff-marker'>−</td><td style="background: #ffa; color:black; font-size: smaller;"><div>| <p class="TableContents">200 + void</p<del class="diffchange diffchange-inline">></tbody</del>></div></td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div>| <p class="TableContents">200 + void</p></div></td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>|}<p><sup>1</sup> URI-encoded: <strong>YES</strong><br> Note: all parameters are <strong>form</strong> parameters.</p><p><strong>(b1)</strong></p></div></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>|}<p><sup>1</sup> URI-encoded: <strong>YES</strong><br> Note: all parameters are <strong>form</strong> parameters.</p><p><strong>(b1)</strong></p></div></td></tr>
<tr><td class='diff-marker'>−</td><td style="background: #ffa; color:black; font-size: smaller;"><div>{| <del class="diffchange diffchange-inline"> </del>class="<del class="diffchange diffchange-inline">plain</del>"<del class="diffchange diffchange-inline"><tbody> </del></div></td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div>{| class="<ins class="diffchange diffchange-inline">wikitable</ins>"</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>| <p class="TableContents">Desired action</p></div></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>| <p class="TableContents">Desired action</p></div></td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>| <p class="TableContents">URL</p></div></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>| <p class="TableContents">URL</p></div></td></tr>
<tr><td colspan="2" class="diff-lineno">Line 30:</td>
<td colspan="2" class="diff-lineno">Line 30:</td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>| <p class="TableContents">All</p></div></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>| <p class="TableContents">All</p></div></td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>| <p class="TableContents">as before + <br>subjectid<sup>1</sup></p></div></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>| <p class="TableContents">as before + <br>subjectid<sup>1</sup></p></div></td></tr>
<tr><td class='diff-marker'>−</td><td style="background: #ffa; color:black; font-size: smaller;"><div>| <p class="TableContents">as before + 401</p<del class="diffchange diffchange-inline">></tbody</del>></div></td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div>| <p class="TableContents">as before + 401</p></div></td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>|}<p><sup>1</sup> URI-encoded: <strong>YES</strong><br>Note: all parameters are <strong>form</strong> parameters.</p><p><strong>(b2)</strong></p></div></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>|}<p><sup>1</sup> URI-encoded: <strong>YES</strong><br>Note: all parameters are <strong>form</strong> parameters.</p><p><strong>(b2)</strong></p></div></td></tr>
<tr><td class='diff-marker'>−</td><td style="background: #ffa; color:black; font-size: smaller;"><div>{| <del class="diffchange diffchange-inline"> </del>class="<del class="diffchange diffchange-inline">plain</del>"<del class="diffchange diffchange-inline"><tbody> </del></div></td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div>{| class="<ins class="diffchange diffchange-inline">wikitable</ins>"</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>| <p class="TableContents">Desired action</p></div></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>| <p class="TableContents">Desired action</p></div></td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>| <p class="TableContents">URL</p></div></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>| <p class="TableContents">URL</p></div></td></tr>
<tr><td colspan="2" class="diff-lineno">Line 41:</td>
<td colspan="2" class="diff-lineno">Line 41:</td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>| <p class="TableContents">POST on /auth/authorize</p></div></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>| <p class="TableContents">POST on /auth/authorize</p></div></td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>| <p class="TableContents">uri<sup>1</sup><br>action<sup>1</sup><br>subjectid<sup>1</sup></p></div></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>| <p class="TableContents">uri<sup>1</sup><br>action<sup>1</sup><br>subjectid<sup>1</sup></p></div></td></tr>
<tr><td class='diff-marker'>−</td><td style="background: #ffa; color:black; font-size: smaller;"><div>| <p class="TableContents">200 + Boolean (Grant)<br>401 + Boolean (Deny)</p><p class="TableContents">&nbsp;</p<del class="diffchange diffchange-inline">></tbody</del>></div></td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div>| <p class="TableContents">200 + Boolean (Grant)<br>401 + Boolean (Deny)</p><p class="TableContents">&nbsp;</p></div></td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>|}<p><sup>1</sup> URI-encoded: <strong>YES</strong><br>Note: all parameters are <strong>form</strong> parameters.<br><sup></sup></p><h3>Background</h3><p>Authentication: client authenticates against OpenSSO and obtains a token. The user data is drawn from the LDAP backend that also the Plone website uses.</p><p>Authorisation: Token is used to permit or deny a client a specific action. The token encodes conjunction of user and point of time and has a certain lifetime. If token is authorized for the action according to current server policy, the webservice performs the action.</p><p>To access a restricted/protected service, only tokens NOT credentials should be passed to the respective service (e.g. descriptor calculation)</p><p>&nbsp;</p><p>The OpenTox API needs modification in some places and the introduction of some new components. We have two cases:</p><blockquote dir="ltr"><p>(a) Authentication against OpenSSO: should be done by the client application<br>(b) Authorisation against OpenSSO for resource and action combinations</p></blockquote><p>For (1), we need to transmit user credentials and obtain a token, while part (b) can be decomposed into:</p><blockquote dir="ltr"><p>(b1) Client authorisation request to the webservice: should be done by the client application <br>(b2) Authorisation request confirmation from webservice to OpenSSO: should be done by the webservice.</p></blockquote><p>&nbsp;See&nbsp; [http://www.opentox.org/data/documents/development/opentoxreports/opentoxreportd33 documentation]</p><hr><h2>Policy REST operations</h2></div></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>|}<p><sup>1</sup> URI-encoded: <strong>YES</strong><br>Note: all parameters are <strong>form</strong> parameters.<br><sup></sup></p><h3>Background</h3><p>Authentication: client authenticates against OpenSSO and obtains a token. The user data is drawn from the LDAP backend that also the Plone website uses.</p><p>Authorisation: Token is used to permit or deny a client a specific action. The token encodes conjunction of user and point of time and has a certain lifetime. If token is authorized for the action according to current server policy, the webservice performs the action.</p><p>To access a restricted/protected service, only tokens NOT credentials should be passed to the respective service (e.g. descriptor calculation)</p><p>&nbsp;</p><p>The OpenTox API needs modification in some places and the introduction of some new components. We have two cases:</p><blockquote dir="ltr"><p>(a) Authentication against OpenSSO: should be done by the client application<br>(b) Authorisation against OpenSSO for resource and action combinations</p></blockquote><p>For (1), we need to transmit user credentials and obtain a token, while part (b) can be decomposed into:</p><blockquote dir="ltr"><p>(b1) Client authorisation request to the webservice: should be done by the client application <br>(b2) Authorisation request confirmation from webservice to OpenSSO: should be done by the webservice.</p></blockquote><p>&nbsp;See&nbsp; [http://www.opentox.org/data/documents/development/opentoxreports/opentoxreportd33 documentation]</p><hr><h2>Policy REST operations</h2></div></td></tr>
<tr><td class='diff-marker'>−</td><td style="background: #ffa; color:black; font-size: smaller;"><div>{| <del class="diffchange diffchange-inline"> </del>class="<del class="diffchange diffchange-inline">plain</del>"<del class="diffchange diffchange-inline"><tbody> </del></div></td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div>{| class="<ins class="diffchange diffchange-inline">wikitable</ins>"</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>| <p class="TabellenInhalt">Desired action</p></div></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>| <p class="TabellenInhalt">Desired action</p></div></td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>| <p class="TabellenInhalt">URL</p></div></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>| <p class="TabellenInhalt">URL</p></div></td></tr>
<tr><td colspan="2" class="diff-lineno">Line 80:</td>
<td colspan="2" class="diff-lineno">Line 80:</td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>| <p>DELETE on /pol</p></div></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>| <p>DELETE on /pol</p></div></td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>| <p class="TabellenInhalt">subjectid<sup>3</sup><br>id<sup></sup></p></div></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>| <p class="TabellenInhalt">subjectid<sup>3</sup><br>id<sup></sup></p></div></td></tr>
<tr><td class='diff-marker'>−</td><td style="background: #ffa; color:black; font-size: smaller;"><div>| <p class="TabellenInhalt">200 (OK)<br>400 (Policy non-existent)<br>401 (Unauthorized)<br>500 (General Error)</p<del class="diffchange diffchange-inline">></tbody</del>></div></td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div>| <p class="TabellenInhalt">200 (OK)<br>400 (Policy non-existent)<br>401 (Unauthorized)<br>500 (General Error)</p></div></td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>|}<p><sup>2</sup> may be set to any value, e.g. 'true', return value is owner (first row), policy names (consecutive rows), <br><sup>3</sup> URI-encoded: <strong>NO</strong><br>Note: all parameters are <strong>header</strong> parameters.</p><h3>Background</h3><p>To create a policy, issue a POST to http://&lt;pol-server&gt;/Pol/opensso-pol with the XML file to transfer and header entry "Content-Type: application/xml". The XML file should match the following schema:</p><pre>&lt;&#33;DOCTYPE Policies PUBLIC "-//Sun Java System Access Manager7.1 2006Q3</div></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>|}<p><sup>2</sup> may be set to any value, e.g. 'true', return value is owner (first row), policy names (consecutive rows), <br><sup>3</sup> URI-encoded: <strong>NO</strong><br>Note: all parameters are <strong>header</strong> parameters.</p><h3>Background</h3><p>To create a policy, issue a POST to http://&lt;pol-server&gt;/Pol/opensso-pol with the XML file to transfer and header entry "Content-Type: application/xml". The XML file should match the following schema:</p><pre>&lt;&#33;DOCTYPE Policies PUBLIC "-//Sun Java System Access Manager7.1 2006Q3</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>&nbsp;&nbsp; Admin CLI DTD//EN" "jar://com/sun/identity/policy/policyAdmin.dtd"&gt;</div></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>&nbsp;&nbsp; Admin CLI DTD//EN" "jar://com/sun/identity/policy/policyAdmin.dtd"&gt;</div></td></tr>
</table>Mrautenberghttp://api.toxbank.net/index.php?title=OpenTox_API_1.2_A%26A&diff=703&oldid=prevMrautenberg at 08:43, 9 December 20112011-12-09T08:43:19Z<p></p>
<table style="background-color: white; color:black;">
<col class='diff-marker' />
<col class='diff-content' />
<col class='diff-marker' />
<col class='diff-content' />
<tr valign='top'>
<td colspan='2' style="background-color: white; color:black;">← Older revision</td>
<td colspan='2' style="background-color: white; color:black;">Revision as of 08:43, 9 December 2011</td>
</tr><tr><td colspan="2" class="diff-lineno">Line 42:</td>
<td colspan="2" class="diff-lineno">Line 42:</td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>| <p class="TableContents">uri<sup>1</sup><br>action<sup>1</sup><br>subjectid<sup>1</sup></p></div></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>| <p class="TableContents">uri<sup>1</sup><br>action<sup>1</sup><br>subjectid<sup>1</sup></p></div></td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>| <p class="TableContents">200 + Boolean (Grant)<br>401 + Boolean (Deny)</p><p class="TableContents">&nbsp;</p></tbody></div></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>| <p class="TableContents">200 + Boolean (Grant)<br>401 + Boolean (Deny)</p><p class="TableContents">&nbsp;</p></tbody></div></td></tr>
<tr><td class='diff-marker'>−</td><td style="background: #ffa; color:black; font-size: smaller;"><div>|}<p><sup>1</sup> URI-encoded: <strong>YES</strong><br>Note: all parameters are <strong>form</strong> parameters.<br><sup></sup></p><h3>Background</h3><p>Authentication: client authenticates against OpenSSO and obtains a token. The user data is drawn from the LDAP backend that also the Plone website uses.</p><p>Authorisation: Token is used to permit or deny a client a specific action. The token encodes conjunction of user and point of time and has a certain lifetime. If token is authorized for the action according to current server policy, the webservice performs the action.</p><p>To access a restricted/protected service, only tokens NOT credentials should be passed to the respective service (e.g. descriptor calculation)</p><p>&nbsp;</p><p>The OpenTox API needs modification in some places and the introduction of some new components. We have two cases:</p><blockquote dir="ltr"><p>(a) Authentication against OpenSSO: should be done by the client application<br>(b) Authorisation against OpenSSO for resource and action combinations</p></blockquote><p>For (1), we need to transmit user credentials and obtain a token, while part (b) can be decomposed into:</p><blockquote dir="ltr"><p>(b1) Client authorisation request to the webservice: should be done by the client application <br>(b2) Authorisation request confirmation from webservice to OpenSSO: should be done by the webservice.</p></blockquote><p>&nbsp;See&nbsp; <del class="diffchange diffchange-inline"><a class="external-link" href="..</del>/../data/documents/development/opentoxreports/opentoxreportd33<del class="diffchange diffchange-inline">"></del>documentation<del class="diffchange diffchange-inline"></a>.</del></p><hr><h2>Policy REST operations</h2></div></td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div>|}<p><sup>1</sup> URI-encoded: <strong>YES</strong><br>Note: all parameters are <strong>form</strong> parameters.<br><sup></sup></p><h3>Background</h3><p>Authentication: client authenticates against OpenSSO and obtains a token. The user data is drawn from the LDAP backend that also the Plone website uses.</p><p>Authorisation: Token is used to permit or deny a client a specific action. The token encodes conjunction of user and point of time and has a certain lifetime. If token is authorized for the action according to current server policy, the webservice performs the action.</p><p>To access a restricted/protected service, only tokens NOT credentials should be passed to the respective service (e.g. descriptor calculation)</p><p>&nbsp;</p><p>The OpenTox API needs modification in some places and the introduction of some new components. We have two cases:</p><blockquote dir="ltr"><p>(a) Authentication against OpenSSO: should be done by the client application<br>(b) Authorisation against OpenSSO for resource and action combinations</p></blockquote><p>For (1), we need to transmit user credentials and obtain a token, while part (b) can be decomposed into:</p><blockquote dir="ltr"><p>(b1) Client authorisation request to the webservice: should be done by the client application <br>(b2) Authorisation request confirmation from webservice to OpenSSO: should be done by the webservice.</p></blockquote><p>&nbsp;See&nbsp; <ins class="diffchange diffchange-inline">[http:/</ins>/<ins class="diffchange diffchange-inline">www</ins>.<ins class="diffchange diffchange-inline">opentox</ins>.<ins class="diffchange diffchange-inline">org</ins>/data/documents/development/opentoxreports/opentoxreportd33 documentation<ins class="diffchange diffchange-inline">]</ins></p><hr><h2>Policy REST operations</h2></div></td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>{|  class="plain"<tbody>  </div></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>{|  class="plain"<tbody>  </div></td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>| <p class="TabellenInhalt">Desired action</p></div></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>| <p class="TabellenInhalt">Desired action</p></div></td></tr>
<tr><td colspan="2" class="diff-lineno">Line 110:</td>
<td colspan="2" class="diff-lineno">Line 110:</td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>SUBJECT_ID&nbsp;&nbsp;&nbsp; Arbitrary string, e.g. "John Doe"</div></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>SUBJECT_ID&nbsp;&nbsp;&nbsp; Arbitrary string, e.g. "John Doe"</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>LDAP_TYPE&nbsp;&nbsp;&nbsp;&nbsp; One of "LDAPUsers", "LDAPGroups"</div></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>LDAP_TYPE&nbsp;&nbsp;&nbsp;&nbsp; One of "LDAPUsers", "LDAPGroups"</div></td></tr>
<tr><td class='diff-marker'>−</td><td style="background: #ffa; color:black; font-size: smaller;"><div>LDAP_DN&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Distinguished name, e.g. "uid=jdoe, ou=people, dc=opentox,dc=org"</pre><div>Note for LDAP_DN:</div><p>Individuals always use:&nbsp; uid=&lt;uid&gt;, ou=people, dc=opentox, dc=org<br>Groups always use&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; :&nbsp; cn=&lt;gid&gt;, ou=groups, dc=opentox, dc=org</p><p>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <em>Note:</em> &lt;uid&gt;/&lt;gid&gt; should be replaced with OpenTox's Plone user/group IDs, respectively.</p><p>Note: Disabled wildcards completely for URIs (June 11, 2010).</p><p>See&nbsp; <del class="diffchange diffchange-inline"><a class="external-link" href="..</del>/../data/documents/development/opentoxreports/opentoxreportd33<del class="diffchange diffchange-inline">"></del>documentation<del class="diffchange diffchange-inline"></a></del>.</p><p>&nbsp;</p><hr><h2>Extended use cases</h2><strong><br>General Authentication</strong><p>&nbsp;</p><ol><li>The client establishes encrypted SSL/TLS connection to the OpenSSO server.</li><li>The client sends username and password through the encrypted channel to the OpenSSO server.</li><li>The OpenSSO server verifies the presented user credentials against opentox.org’s user database.</li><li>Depending on the result of this verification:</li><ol><li>On success, the OpenSSO server returns a cryptographic token to the client.</li><li>On failure, the OpenSSO server returns appropriate error message.</li></ol></ol><p>&nbsp;</p><strong>Uploading dataset</strong><p>&nbsp;</p><ol><li>The client establishes encrypted SSL/TLS connection to the dataset service.</li><li>The client fetches the user and group lists from the OpenSSO server.</li><li>The client presents the user with an interface to select the required permissions for the dataset to be uploaded: different users and/or groups could be selected and for each one any of the four HTTP methods GET, POST, PUT and DELETE could be either allowed or disallowed.</li><li>The client POSTs the dataset to the dataset service, providing along also:</li><ol><li>The token acquired from the authentication phase: Following the guidelines of RFC 2616 (section 14.8), the authentication information of the user agent for the realm of the resource being requested is provided in the Header field 'Authorization'. Note also that the provided token should be URL encoded (in UTF-8). See [http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.8 http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.8] for further details. <br></li><li>The policies to be created based on the user preferences from step 3.</li></ol><li>The dataset service sends the provided token for validation to the OpenSSO server.</li><li>If the token is not valid, the dataset service returns an appropriate error message. Otherwise, it checks with the OpenSSO server whether the user is allowed to create new data.</li><li>If the user is allowed to create new data, the dataset service registers the uploaded dataset, but does not publish it yet.</li><li>The dataset service requests the OpenSSO policy service to create the requested policy by the user in step 3 for the resources registered in the previous step.</li><li>If the creation of access control policy fails, the dataset service returns an appropriate error message to the client. Otherwise, if the policy is successfully created, the dataset is published.</li><li>The dataset service returns the newly created dataset ID to the client.</li></ol><p>&nbsp;</p><p>&nbsp;</p><hr></div></td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div>LDAP_DN&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Distinguished name, e.g. "uid=jdoe, ou=people, dc=opentox,dc=org"</pre><div>Note for LDAP_DN:</div><p>Individuals always use:&nbsp; uid=&lt;uid&gt;, ou=people, dc=opentox, dc=org<br>Groups always use&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; :&nbsp; cn=&lt;gid&gt;, ou=groups, dc=opentox, dc=org</p><p>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <em>Note:</em> &lt;uid&gt;/&lt;gid&gt; should be replaced with OpenTox's Plone user/group IDs, respectively.</p><p>Note: Disabled wildcards completely for URIs (June 11, 2010).</p><p>See&nbsp; <ins class="diffchange diffchange-inline">[http:/</ins>/<ins class="diffchange diffchange-inline">www</ins>.<ins class="diffchange diffchange-inline">opentox</ins>.<ins class="diffchange diffchange-inline">org</ins>/data/documents/development/opentoxreports/opentoxreportd33 documentation<ins class="diffchange diffchange-inline">]</ins>.</p><p>&nbsp;</p><hr><h2>Extended use cases</h2><strong><br>General Authentication</strong><p>&nbsp;</p><ol><li>The client establishes encrypted SSL/TLS connection to the OpenSSO server.</li><li>The client sends username and password through the encrypted channel to the OpenSSO server.</li><li>The OpenSSO server verifies the presented user credentials against opentox.org’s user database.</li><li>Depending on the result of this verification:</li><ol><li>On success, the OpenSSO server returns a cryptographic token to the client.</li><li>On failure, the OpenSSO server returns appropriate error message.</li></ol></ol><p>&nbsp;</p><strong>Uploading dataset</strong><p>&nbsp;</p><ol><li>The client establishes encrypted SSL/TLS connection to the dataset service.</li><li>The client fetches the user and group lists from the OpenSSO server.</li><li>The client presents the user with an interface to select the required permissions for the dataset to be uploaded: different users and/or groups could be selected and for each one any of the four HTTP methods GET, POST, PUT and DELETE could be either allowed or disallowed.</li><li>The client POSTs the dataset to the dataset service, providing along also:</li><ol><li>The token acquired from the authentication phase: Following the guidelines of RFC 2616 (section 14.8), the authentication information of the user agent for the realm of the resource being requested is provided in the Header field 'Authorization'. Note also that the provided token should be URL encoded (in UTF-8). See [http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.8 http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.8] for further details. <br></li><li>The policies to be created based on the user preferences from step 3.</li></ol><li>The dataset service sends the provided token for validation to the OpenSSO server.</li><li>If the token is not valid, the dataset service returns an appropriate error message. Otherwise, it checks with the OpenSSO server whether the user is allowed to create new data.</li><li>If the user is allowed to create new data, the dataset service registers the uploaded dataset, but does not publish it yet.</li><li>The dataset service requests the OpenSSO policy service to create the requested policy by the user in step 3 for the resources registered in the previous step.</li><li>If the creation of access control policy fails, the dataset service returns an appropriate error message to the client. Otherwise, if the policy is successfully created, the dataset is published.</li><li>The dataset service returns the newly created dataset ID to the client.</li></ol><p>&nbsp;</p><p>&nbsp;</p><hr></div></td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div><h2>General<br></h2><p>Relevant readings:</p></div></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div><h2>General<br></h2><p>Relevant readings:</p></div></td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"></td></tr>
</table>Mrautenberghttp://api.toxbank.net/index.php?title=OpenTox_API_1.2_A%26A&diff=32&oldid=prevMrautenberg at 15:24, 29 August 20112011-08-29T15:24:39Z<p></p>
<table style="background-color: white; color:black;">
<col class='diff-marker' />
<col class='diff-content' />
<col class='diff-marker' />
<col class='diff-content' />
<tr valign='top'>
<td colspan='2' style="background-color: white; color:black;">← Older revision</td>
<td colspan='2' style="background-color: white; color:black;">Revision as of 15:24, 29 August 2011</td>
</tr><tr><td colspan="2" class="diff-lineno">Line 110:</td>
<td colspan="2" class="diff-lineno">Line 110:</td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>SUBJECT_ID&nbsp;&nbsp;&nbsp; Arbitrary string, e.g. "John Doe"</div></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>SUBJECT_ID&nbsp;&nbsp;&nbsp; Arbitrary string, e.g. "John Doe"</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>LDAP_TYPE&nbsp;&nbsp;&nbsp;&nbsp; One of "LDAPUsers", "LDAPGroups"</div></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>LDAP_TYPE&nbsp;&nbsp;&nbsp;&nbsp; One of "LDAPUsers", "LDAPGroups"</div></td></tr>
<tr><td class='diff-marker'>−</td><td style="background: #ffa; color:black; font-size: smaller;"><div>LDAP_DN&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Distinguished name, e.g. "uid=jdoe, ou=people, dc=opentox,dc=org"</pre><div>Note for LDAP_DN:</div><p>Individuals always use:&nbsp; uid=&lt;uid&gt;, ou=people, dc=opentox, dc=org<br>Groups always use&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; :&nbsp; cn=&lt;gid&gt;, ou=groups, dc=opentox, dc=org</p><p>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <em>Note:</em> &lt;uid&gt;/&lt;gid&gt; should be replaced with OpenTox's Plone user/group IDs, respectively.</p><p>Note: Disabled wildcards completely for URIs (June 11, 2010).</p><p>See&nbsp; <a class="external-link" href="../../data/documents/development/opentoxreports/opentoxreportd33">documentation</a>.</p><p>&nbsp;</p><hr><h2>Extended use cases</h2><strong><br>General Authentication</strong><p>&nbsp;</p><ol><li>The client establishes encrypted SSL/TLS connection to the OpenSSO server.</li><li>The client sends username and password through the encrypted channel to the OpenSSO server.</li><li>The OpenSSO server verifies the presented user credentials against opentox.org’s user database.</li><li>Depending on the result of this verification:</li><ol><li>On success, the OpenSSO server returns a cryptographic token to the client.</li><li>On failure, the OpenSSO server returns appropriate error message.</li></ol></ol><p>&nbsp;</p><strong>Uploading dataset</strong><p>&nbsp;</p><ol><li>The client establishes encrypted SSL/TLS connection to the dataset service.</li><li>The client fetches the user and group lists from the OpenSSO server.</li><li>The client presents the user with an interface to select the required permissions for the dataset to be uploaded: different users and/or groups could be selected and for each one any of the four HTTP methods GET, POST, PUT and DELETE could be either allowed or disallowed.</li><li>The client POSTs the dataset to the dataset service, providing along also:</li><ol><li>The token acquired from the authentication phase: Following the guidelines of RFC 2616 (section 14.8), the authentication information of the user agent for the realm of the resource being requested is provided in the Header field 'Authorization'. Note also that the provided token should be URL encoded (in UTF-8). See <del class="diffchange diffchange-inline"><a class="external-link" href="</del>http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.8<del class="diffchange diffchange-inline">"></del>http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.8<del class="diffchange diffchange-inline"></a> </del>for further details. <br></li><li>The policies to be created based on the user preferences from step 3.</li></ol><li>The dataset service sends the provided token for validation to the OpenSSO server.</li><li>If the token is not valid, the dataset service returns an appropriate error message. Otherwise, it checks with the OpenSSO server whether the user is allowed to create new data.</li><li>If the user is allowed to create new data, the dataset service registers the uploaded dataset, but does not publish it yet.</li><li>The dataset service requests the OpenSSO policy service to create the requested policy by the user in step 3 for the resources registered in the previous step.</li><li>If the creation of access control policy fails, the dataset service returns an appropriate error message to the client. Otherwise, if the policy is successfully created, the dataset is published.</li><li>The dataset service returns the newly created dataset ID to the client.</li></ol><p>&nbsp;</p><p>&nbsp;</p><hr></div></td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div>LDAP_DN&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Distinguished name, e.g. "uid=jdoe, ou=people, dc=opentox,dc=org"</pre><div>Note for LDAP_DN:</div><p>Individuals always use:&nbsp; uid=&lt;uid&gt;, ou=people, dc=opentox, dc=org<br>Groups always use&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; :&nbsp; cn=&lt;gid&gt;, ou=groups, dc=opentox, dc=org</p><p>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <em>Note:</em> &lt;uid&gt;/&lt;gid&gt; should be replaced with OpenTox's Plone user/group IDs, respectively.</p><p>Note: Disabled wildcards completely for URIs (June 11, 2010).</p><p>See&nbsp; <a class="external-link" href="../../data/documents/development/opentoxreports/opentoxreportd33">documentation</a>.</p><p>&nbsp;</p><hr><h2>Extended use cases</h2><strong><br>General Authentication</strong><p>&nbsp;</p><ol><li>The client establishes encrypted SSL/TLS connection to the OpenSSO server.</li><li>The client sends username and password through the encrypted channel to the OpenSSO server.</li><li>The OpenSSO server verifies the presented user credentials against opentox.org’s user database.</li><li>Depending on the result of this verification:</li><ol><li>On success, the OpenSSO server returns a cryptographic token to the client.</li><li>On failure, the OpenSSO server returns appropriate error message.</li></ol></ol><p>&nbsp;</p><strong>Uploading dataset</strong><p>&nbsp;</p><ol><li>The client establishes encrypted SSL/TLS connection to the dataset service.</li><li>The client fetches the user and group lists from the OpenSSO server.</li><li>The client presents the user with an interface to select the required permissions for the dataset to be uploaded: different users and/or groups could be selected and for each one any of the four HTTP methods GET, POST, PUT and DELETE could be either allowed or disallowed.</li><li>The client POSTs the dataset to the dataset service, providing along also:</li><ol><li>The token acquired from the authentication phase: Following the guidelines of RFC 2616 (section 14.8), the authentication information of the user agent for the realm of the resource being requested is provided in the Header field 'Authorization'. Note also that the provided token should be URL encoded (in UTF-8). See <ins class="diffchange diffchange-inline">[</ins>http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.8 http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.8<ins class="diffchange diffchange-inline">] </ins>for further details. <br></li><li>The policies to be created based on the user preferences from step 3.</li></ol><li>The dataset service sends the provided token for validation to the OpenSSO server.</li><li>If the token is not valid, the dataset service returns an appropriate error message. Otherwise, it checks with the OpenSSO server whether the user is allowed to create new data.</li><li>If the user is allowed to create new data, the dataset service registers the uploaded dataset, but does not publish it yet.</li><li>The dataset service requests the OpenSSO policy service to create the requested policy by the user in step 3 for the resources registered in the previous step.</li><li>If the creation of access control policy fails, the dataset service returns an appropriate error message to the client. Otherwise, if the policy is successfully created, the dataset is published.</li><li>The dataset service returns the newly created dataset ID to the client.</li></ol><p>&nbsp;</p><p>&nbsp;</p><hr></div></td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div><h2>General<br></h2><p>Relevant readings:</p></div></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div><h2>General<br></h2><p>Relevant readings:</p></div></td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"></td></tr>
<tr><td colspan="2" class="diff-lineno">Line 119:</td>
<td colspan="2" class="diff-lineno">Line 119:</td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>[http://oauth.net/ OAuth]</div></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>[http://oauth.net/ OAuth]</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"></td></tr>
<tr><td class='diff-marker'>−</td><td style="background: #ffa; color:black; font-size: smaller;"><div>[http://tools.ietf.org/html/draft-hammer-http-token-auth-00 HTTP Authentication: Token Access Authentication]<del class="diffchange diffchange-inline"></p><p></del>[http://wiki.oauth.net/OAuth-WRAP http://wiki.oauth.net/OAuth-WRAP]</div></td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div>[http://tools.ietf.org/html/draft-hammer-http-token-auth-00 HTTP Authentication: Token Access Authentication]</div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div> </div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div>[http://wiki.oauth.net/OAuth-WRAP http://wiki.oauth.net/OAuth-WRAP]</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"></td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>[http://dig.csail.mit.edu/2009/Papers/ISWC/rdf-access-control/paper.pdf James Hollenbach, Joe Presbrey, and Tim Berners-Lee, Using RDF Metadata To Enable Access Control on the Social Semantic Web, 2009]</div></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>[http://dig.csail.mit.edu/2009/Papers/ISWC/rdf-access-control/paper.pdf James Hollenbach, Joe Presbrey, and Tim Berners-Lee, Using RDF Metadata To Enable Access Control on the Social Semantic Web, 2009]</div></td></tr>
<tr><td colspan="2" class="diff-lineno">Line 125:</td>
<td colspan="2" class="diff-lineno">Line 127:</td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>[http://www.w3.org/ns/auth/acl# Basic Access Control ontology]</div></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>[http://www.w3.org/ns/auth/acl# Basic Access Control ontology]</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"></td></tr>
<tr><td class='diff-marker'>−</td><td style="background: #ffa; color:black; font-size: smaller;"><div>[http://esw.w3.org/topic/WebAccessControl WebAccessControl] is a decentralized system for allowing different users and groups various forms of access to resources where users and groups are identified by HTTP URIs. <del class="diffchange diffchange-inline">http://esw.w3.org/topic/WebAccessControl</del></div></td><td class='diff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div>[http://esw.w3.org/topic/WebAccessControl WebAccessControl] is a decentralized system for allowing different users and groups various forms of access to resources where users and groups are identified by HTTP URIs.</div></td></tr>
</table>Mrautenberghttp://api.toxbank.net/index.php?title=OpenTox_API_1.2_A%26A&diff=31&oldid=prevMrautenberg at 15:22, 29 August 20112011-08-29T15:22:34Z<p></p>
<a href="http://api.toxbank.net/index.php?title=OpenTox_API_1.2_A%26A&diff=31&oldid=29">Show changes</a>Mrautenberghttp://api.toxbank.net/index.php?title=OpenTox_API_1.2_A%26A&diff=29&oldid=prevMrautenberg: Blanked the page2011-08-29T15:03:16Z<p>Blanked the page</p>
<a href="http://api.toxbank.net/index.php?title=OpenTox_API_1.2_A%26A&diff=29&oldid=28">Show changes</a>Mrautenberghttp://api.toxbank.net/index.php?title=OpenTox_API_1.2_A%26A&diff=28&oldid=prevMrautenberg: Created page with "<h2>Chemical compound</h2> <h3>Component description</h3> <p>Provides different representations for chemical compounds with a unique and defined chemical structure.</p> <h3>REST ..."2011-08-29T15:02:34Z<p>Created page with "<h2>Chemical compound</h2> <h3>Component description</h3> <p>Provides different representations for chemical compounds with a unique and defined chemical structure.</p> <h3>REST ..."</p>
<p><b>New page</b></p><div><h2>Chemical compound</h2><br />
<h3>Component description</h3><br />
<p>Provides different representations for chemical compounds with a unique and defined chemical structure.</p><br />
<h3>REST operations</h3><br />
{| class="plain"<tbody> <br />
| <strong>Description</strong><br />
| <strong>Method</strong><br />
| <strong>URI</strong><br />
| <strong>Parameters</strong><br />
| <strong>Result</strong><br />
| <strong>Status codes</strong><br />
|- <br />
| Search for compounds<br><br />
| GET<br><br />
| /compound<br><br />
| <strong>[subjectid]</strong><br>?<strong>search</strong>=value&amp;<strong>sameas</strong>=URI_FROM_AN_ONTOLOGY<br><br />
| List of compounds, matching the query<br><br />
| 200,404,503<br />
|- <br />
| Get the representation of a compound<br />
| GET<br />
| /compound/{id}<br />
| <strong>[subjectid]</strong><br>(optional)<br>?<strong>feature_uris[]</strong>="URI to features"<br />
| Compound representation in one of the supported MIME formats, if <strong>feature_uris[]</strong> provided includes features and values<br />
| 200,404,503<br />
|- <br />
| Create a new compound<br />
| POST<br />
| /compound<br />
| <strong>[subjectid]</strong><br>Compound representation in a supported MIME format<br><br />
| URIs for new compounds<br />
| 200,400,503<br />
|- <br />
| Update a compound (optional)<br><br />
| PUT<br />
| /compound/{id}<br />
| <strong>[subjectid]</strong><br>Compound representation in a supported MIME format<br />
| –<br />
| 200,400,404,503<br />
|- <br />
| Delete a compound (optional)<br><br />
| DELETE<br />
| /compound/{id}<br />
| <strong>[subjectid]</strong><br />
| –<br>Delete all feature values per compound recursively?<br><br />
| 200,400,404,503</tbody><br />
|}<p>&nbsp;</p><h3>Features per Compound<br></h3><br />
{| class="plain"<tbody> <br />
| <strong>Description<br></strong><br />
| <strong>Method<br></strong><br />
| <strong>URI<br></strong><br />
| <strong>Parameter<br></strong><br />
| <strong>Result<br></strong><br />
| <strong>Status codes<br></strong><br />
|- <br />
| Get available feature URIs for a compound<br><br />
| GET<br><br />
| &nbsp;/compound/{cid}/feature<br><br />
| <strong>[subjectid]</strong><br>?<strong>feature_uris[]</strong>="URIto features" (optional)<br><br />
| Returns representation of the features as uri-list or RDF<br>All available features are returned, if no parameter is specified<br><br />
| 200,404,503<br><br />
|- <br />
| Create a new feature value<br><br />
| POST<br><br />
| /compound/{cid}/feature<br />
| <strong>[subjectid]</strong><br>?<strong>feature_uri</strong>="URIto feature" (mandatory, single feature)&amp;<strong>value</strong>=the_value<br />
| URI of the compound with the new feature, e.g.<br>/compound/{id}?feature_uris[]=the-new-feature<br><br />
| 200,400,503<br />
|- <br />
| Update a new feature value<br />
| PUT<br><br />
| /compound/{cid}/feature<br />
| <strong>[subjectid]</strong><br>?<strong>feature_uri</strong>="URIto feature" (mandatory, single feature)&amp;<strong>value</strong>=the_value<br><br><br />
| <br><br />
| 200,400,404,503<br />
|- <br />
| Delete specified features from the compound<br />
| DELETE<br><br />
| /compound/{cid}/feature<br />
| <strong>[subjectid]</strong><br>?<strong>feature_uris[]</strong>="URIto features" (optional)<br />
| <br><br />
| 200,400,404,503</tbody><br />
|}<h3>HTTP status codes</h3><br />
{| class="plain"<tbody> <br />
| <strong>Interpretation</strong><br />
| <strong>Nr</strong><br />
| <strong>Name</strong><br />
|- <br />
| Success<br />
| 200<br />
| OK<br />
|- <br />
| Compound not found<br />
| 404<br />
| Not Found<br />
|- <br />
| Incorrect MIME type<br />
| 400<br />
| Bad request<br />
|- <br />
| Service not available<br />
| 503<br />
| Service unavailable</tbody><br />
|}<br />
<h3>Compound representation</h3><br />
<h4>Supported MIME formats</h4>http://chemical-mime.sourceforge.net/<br />
<p>Mandatory:</p><ul><li><br />
chemical/x-daylight-smiles (default)<br></li><li><br />
chemical/x-inchi</li><li><br />
chemical/x-mdl-sdfile</li><li><br />
chemical/x-mdl-molfile</li></ul><p>Optional:</p><ul><li><br />
chemical/x-mol2</li><li><br />
chemical/x-cml</li><li>other chemical formats</li><li>image/png</li><li>other image formats</li><li>text/plain (chemical names)</li><li>application/rdf+xml</li></ul><h2>Conformers (optional)<br></h2><h3>Component description</h3><p>[Optional] support for multiple (e.g. 3D) structures per chemical compound (single structure by default)</p><h3>REST operations <br></h3><br />
{| class="plain"<tbody> <br />
| <strong>Description</strong><br />
| <strong>Method</strong><br />
| <strong>URI</strong><br />
| <strong>Parameters</strong><br />
| <strong>Result</strong><br />
| <strong>Status codes</strong><br />
|- <br />
| Get available structures of a compound<br />
| GET<br />
| /compound/{id1}/conformer/<br />
| <strong>[subjectid]</strong><br />
| List of structure URIs<br><br />
| 200,404,503<br />
|- <br />
| Create a new structure<br />
| POST<br />
| /compound/{id1}/conformer<br />
| <strong>[subjectid]</strong><br>Representation in a supported MIME format<br />
| New URI /compound/{id1}/conformer/{id2}<br />
| 200,400,503<br />
|- <br />
| Remove all structures<br />
| DELETE<br />
| /compound/{id1}/conformer/<br />
| <strong>[subjectid]</strong><br />
| –<br />
| 200,400,404,503<br />
|- <br />
| Get the representation of a structure<br><br />
| GET<br />
| /compound/{id1}/conformer/{id2}<br />
| <strong>[subjectid]</strong><br>?<strong>feature_uris[]</strong>="URI to features"<br />
| Representation in a supported MIME format , with feature values , if <strong>feature_uris</strong>[] provided<br><br />
| 200,404,503<br />
|- <br />
| Update the representation of a structure<br />
| PUT<br />
| /compound/{id1}/conformer/{id2}<br />
| <strong>[subjectid]</strong><br>Representation in a supported MIME format<br />
| URI /compound/{id1}/conformer/{id2}<br />
| 200,400,404,503<br />
|- <br />
| Remove a structure<br />
| DELETE<br />
| /compound/{id1}/conformer/{id2}<br />
| –<br />
| –<br />
| 200,400,404,503</tbody><br />
|}<h3>Features per Conformer</h3><p>&nbsp;</p><br />
{| class="plain"<tbody> <br />
| <strong>Description<br></strong><br />
| <strong>Method<br></strong><br />
| <strong>URI<br></strong><br />
| <strong>Parameter<br></strong><br />
| <strong>Result<br></strong><br />
| <strong>Status codes<br></strong><br />
|- <br />
| Get available feature URIs for a compound<br><br />
| GET<br><br />
| &nbsp;/compound/{cid}/conformer/{cid}/feature<br><br />
| <strong>[subjectid]</strong><br>?<strong>feature_uris[]</strong>="URIto features" (optional)<br><br />
| Returns representation of the features as uri-list or RDF<br>All available features are returned, if no parameter is specified<br><br />
| 200,404,503<br><br />
|- <br />
| Create a new feature value<br><br />
| POST<br><br />
| /compound/{cid}/conformer/{cid}/feature<br />
| <strong>[subjectid]</strong><br>?<strong>feature_uri</strong>="URIto feature" (mandatory, single feature)&amp;<strong>value</strong>=the_value<br />
| URI of the compound with the new feature, e.g.<br><br />
/compound/{id}/conformer/{cid}?feature_uris[]=the-new-feature<br><br />
| 200,400,503<br />
|- <br />
| Update a new feature value<br />
| PUT<br><br />
| /compound/{cid}/conformer/{cid}/feature<br />
| <strong>[subjectid]</strong><br>?<strong>feature_uri</strong>="URIto feature" (mandatory, single feature)&amp;<strong>value</strong>=the_value<br><br><br />
| <br><br />
| 200,400,404,503<br />
|- <br />
| Delete specified features from the compound<br />
| DELETE<br><br />
| /compound/{cid}/conformer/{cid}/feature<br />
| <strong>[subjectid]</strong><br>?<strong>feature_uris[]</strong>="URIto features" (optional)<br />
| <br><br />
| 200,400,404,503</tbody><br />
|}<ul><li><strong>subjectid</strong> (optional) parameter that contains the OpenSSO A&amp;A token needed to access protected services.</li></ul><p>&nbsp;</p><h3>HTTP status codes</h3><p>same as for Compounds</p><h3>Structure representation</h3><p>same as for Compounds</p></div>Mrautenberg