@RequestMapping(value="/rest/session", method=PUT, produces="application/json")
ParametersDescription
userUser name
passpassword

URL Example

http://localhost:8921/wagby/rest/session

Parameter designation method

As with POST, send Content-Type as application/x-www-form-urlencoded.
Specifically, specify "application/x - www - form - urlencoded" in the Content - Type header and send the following character string.

user=admin&pass=admin

When using POSTMAN, you can confirm by specifying x - www - form - urlencoded and setting parameters as shown in the figure.

Figure 1 Using the REST API

Response - Logon Success

STATUS=200 OK
Returns JSESSIONID in cookie.Please add this JSESSIONID when calling the subsequent REST API.
Here is an example of the content of the return.

{
 "groupId": [],
 "username": "admin",
 "passwdChangeDate": null,
 "preference": {
   "id": "admin",
   "item": []
 },
 "status":"logon.afterLogon",
 "juser": {
   "id_": 101,
   "userid_": "admin",
   "jgroupid_": [],
   "name_": "システム管理者",
   "valid_": null,
   "level_": 0,
   "passwdChangeDate_": null,
   "passwdChangeFlag_": null,
   "passwdErrCount_": null,
   "lastLogonDate_":1387281246638,
   "rule_": []
 },
 "passwdChangeFlag": null
}

Response - Logon failure

STATUS=401 Unauthorized
Here is an example of the content of the return.

{
 "status":"logon.input",
 "__jfc_jfcerrors": {
   "jfcwarn": [],
   "jfcinfo": [],
   "jfcdebug": [],
   "jfcerror": [
     {
       "name": null,
       "content": "ユーザ名またはパスワードが間違っています。パスワードを連続して複数回間違えるとアカウントがロックされる場合があります。ご注意ください。",
       "code": "error.password.mismatch"
     }
   ]
 }
}

Response of password hashing

Wagby allows you to hash passwords.

The logon process of the REST API also supports this hashed password.Please send the password in plaintext.

@RequestMapping(value="/rest/session", method=DELETE, produces="application/json")

URL Example

http://localhost:8921/wagby/rest/session

response

STATUS = 200 OK Here is an example of the return content.

{
 "status":"logoff.input"
}
@RequestMapping(value="/rest/session", method=GET, produces="application/json")

URL Example

http://localhost:8921/wagby/rest/session

Response - When authenticated

Same as "Response logon success" above.

Response - when not authenticated

STATUS = 401 Unauthorized
内容は空です。

{}

You can log on at the time of one REST API call and log off after REST API processing is over.In this case you do not need to maintain the session.(It is unnecessary to keep the JSESSIONID in the cookie as described above.)

Set "X - Wagby - Authorization" in the request header when calling REST API.The value is specified by encoding BASE64 with a colon separated user ID and password.

For example, encoding "admin: admin" with BASE 64 will result in "YWRtaW 46 YWRta W 4 =".

The method of encoding (encode) with BASE 64 is omitted.Various services are published on the Internet.

Reference material

Security

This is the timing to send an HTTP request to Wagby, and it gives the logon ID and password in the header.In actual operation, please use HTTP encrypted communication (HTTPS).[More ...]

trouble shooting

Other users logged on during REST API processing are forcibly logged out and returned to the logon screen

Please confirm the following points.