1. OTIS Documentation
    1. Overview
    2. Deploying an OTIS Server
    3. Developer Documentation
      1. OTIS Functionality
      2. Samples
      3. OTIS RESTful Protocol Details
      4. Audit Logging
    4. Configuration Documentation
  2. Role Tasks
  3. Activate Role
    1. REST
    2. Java
    3. PHP
    4. cURL
  4. Get Active Roles
    1. REST
    2. Java
    3. PHP
    4. cURL
  5. Get Assumable Roles
    1. REST
    2. Java
    3. PHP
    4. cURL
  6. Is In Role
    1. REST
    2. Java
    3. PHP
    4. cURL
  7. Release Role
    1. REST
    2. Java
    3. PHP
    4. cURL

Activate Role

This section provides developers with information on how to activate a role for an authenticated session. Documentation for the REST protocol, as well as code samples for Java, PHP, and cURL, are provided below.

REST

The REST noun for activating a role on an authenticated session is as follows:

  • Relative Noun: /AuthenticatedSession/$sessionID/ActiveRoles. This is the relative path of the URL that should appear after the OTIS server application name. The $sessionID variable identifies the authenticated session that is to be updated with a new active role. For example: 
    https://wag.bandit-project.org/otis/AuthenticatedSession/AB6745EDF9A32BCEAB6745EDF9A32BCE/ActiveRoles
  • HTTP Method: PUT.
  • Request/Response message details: click here
  • Description: Activates a role for the authenticated session (specified by the $sessionID variable). The content of the request message (see here) contains the role that is to be activated.

Java

The following is example Java code that demonstrates how to activate a role for an authenticated session: 

//Activates a specific role. In this case, the role "savants" is activated.

session.activateRole("savants");

To view the complete Java sample code for Authentication and Roles-based nouns, see the Authentication and Roles Java Sample Code page.

The OTIS client Java library may be downloaded from the OTIS download page.

PHP

The following PHP code is an example of how to activate a role for an authenticated session: 

//Generate the header to activate a role
$strRoleToActivate = "savants";

$strContent =
'<?xml version="1.0" encoding="UTF-8"?>' .
'<otis:ActivateRole xmlns:otis="http://code.bandit-project.org/schemas/2008/otis">' . $strRoleToActivate . '</otis:ActivateRole>';

$length = strlen($strContent);

$putHeader = 
"PUT $URI" . "/ActiveRoles HTTP/1.1\n".
"Host: $Host\n" .
(($secret) ? ("SessionSecret: " . $secret . "\n") : "") .
"Content-Type: application/x-www-form-urlencoded\n".
"Content-Length: $length\n".
"Connection: Close\n\n".
"$strContent\n";


//activate the role
echo "Add the \"savants\" role...\n";
$socket = fsockopen($Host, 80);
fputs($socket, $putHeader);
while(!feof($socket)) fgets($socket);
fclose($socket);

To view the complete PHP sample code for Authentication and Roles-based nouns, see the Authentication and Roles PHP Sample Code page.

cURL

The following cURL sample code activates an assumable role: 

if [ -e secret.hdr ] ; then secret=`cat secret.hdr` ; else secret="nosecret: none" ; fi
curl -b cookies.txt -H "${secret}" -X PUT -d "<?xml version=\"1.0\" encoding=\"UTF-8\"?>
<otis:ActivateRole xmlns:otis=\"http://code.bandit-project.org/schemas/2008/otis\">RandomRole3</otis:ActivateRole>" \
https://wag.bandit-project.org/otis/ActiveRoles

This assumes you have already set up an authenticated session and are using a cookies.txt file to store/retrieve the otisSessionID cookie. It also assumes that the session secret has been stored in a file called secret.hdr (See AuthenticateUser for details).