ActiveRoles PUT

This page documents the format and semantics of the request and response messages to activate a role on an authenticated session.

Notational Conventions

  • Variables are represented using a $variable notation. For example, the $HostName variable represents a server host name. An actual value for $HostName might be something like "code.bandit-project.org".
  • Characters are appended to elements and attributes to indicate cardinality:
    • "?" (0 or 1)
    • "*" (0 or more)
    • "+" (1 or more)
  • The character "|" is used to indicate a choice between alternatives.
  • Items contained in braces ("{" and "}") are used to indicate that contained items are to be treated as a group.

Request Noun URL

The following URL is the "noun" that is used to update the active roles in an authenticated session:

http://$HostName/$OtisAppName/AuthenticatedSession/$sessionID/ActiveRoles

For example:

http://code.bandit-project.org/otis/AuthenticatedSession/78BD660E0E5F673378BD660E0E5F6733/ActiveRoles

Session Secret

When a session is first created, the OTIS server may assign a secret to the session. Whether or not a session secret is created depends on a setting in the OTIS server called SessionSecretBitSize. See here for documentation on this setting. If a size of zero is specified, no session secret will be created.

If a session secret is created, it will be returned to the client in the first response message the OTIS server sends back to the client during authentication. For more detail on this response, see here. Thereafter, the client is expected to send the secret in an HTTP header called SessionSecret whenever it wants to perform actions on the session. If the session secret is not provided, or does not match the one OTIS has for the session, the request will be rejected.

NOTE: The header is NOT required if no session secret has been generated by OTIS (SessionSecretBitSize == 0).

Request Message Format

<otis:ActivateRole xmlns:otis="http://code.bandit-project.org/schemas/2008/otis">$roleId</otis:ActivateRole>

Request Elements and Attributes

  • otis:ActivateRole element: This is the only element in this request. The $roleId variable specifies the role that is to be activated. If successful, the role will be activated for the session.

Response Message Format

If the request to activate a role fails, the HTTP response code will be an error code, and the content of the response will contain additional information. For more information on error responses, see here. Otherwise, the content of the response message will be empty, and the HTTP response code will be 200 (success).
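The request described on this page, assembled in Python as an added example (not code from the OTIS project). It builds the PUT without sending it, adds the SessionSecret header only when a secret was issued, and lets the XML library escape $roleId. The function names, the Content-Type value and the sample secret are assumptions.

```python
import urllib.request
from urllib.parse import quote
import xml.etree.ElementTree as ET

OTIS_NS = "http://code.bandit-project.org/schemas/2008/otis"  # namespace from the page
ET.register_namespace("otis", OTIS_NS)


def build_activate_role_request(base_url, session_id, role_id, session_secret=None):
    """Build (but do not send) the ActiveRoles PUT request.

    base_url       -- "scheme://$HostName/$OtisAppName", chosen by the caller;
                      over plain http the SessionSecret header travels in clear
    session_secret -- None when the server runs with SessionSecretBitSize == 0
    """
    if not role_id:
        raise ValueError("role_id must be non-empty")
    # Percent-encode the session ID so it cannot change the URL path.
    url = "%s/AuthenticatedSession/%s/ActiveRoles" % (
        base_url.rstrip("/"), quote(session_id, safe=""))

    # Let the XML library escape $roleId instead of concatenating strings.
    elem = ET.Element("{%s}ActivateRole" % OTIS_NS)
    elem.text = role_id
    body = ET.tostring(elem, encoding="utf-8")

    req = urllib.request.Request(url, data=body, method="PUT")
    # Assumption: the page does not state which Content-Type OTIS expects.
    req.add_header("Content-Type", "text/xml; charset=utf-8")
    if session_secret is not None:
        # urllib stores the name as "Sessionsecret"; HTTP header names are
        # case-insensitive, so this is the SessionSecret header on the wire.
        req.add_header("SessionSecret", session_secret)
    return req


def role_activated(status_code, body):
    """Success is HTTP 200 with an empty body; anything else is an error."""
    return status_code == 200 and not body
```

Passing the returned object to `urllib.request.urlopen` sends it; an error status raises `urllib.error.HTTPError`, whose body carries the OTIS error message.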