[OTDev] A&A clarifications

Andreas Maunz andreas at maunz.de
Mon Mar 7 17:55:02 CET 2011


Hi Surajit,

surajit ray wrote on 03/07/2011 05:06 PM:
> Hi Andreas, All,
>
> Was trying to work through the doc file given as documentation on the
> website at
>
> http://opentox.org/data/documents/partner/wp/3/deliverables/Draft%20Report%20WP3-D3.3
>
> I had a few queries regarding the content.
>
> 1)  To quote an example from the doc file
>
>
> ------------------------------------------------------------------------------------
> # Listing all my policies...
> # =======================
> curl -i -X GET http://opensso.in-silico.ch/Pol/opensso-pol -H
> "subjectid: AQIC5wM2LY4SfcxrnpcZCmbfdsKTyxG9E66uu5FVhefps7I%3D%40AAJTSQACMDE%3D%23"
> HTTP/1.1 200 OK
> Content-Type: text/plain
> There were not matching policies under realm, /.
> ------------------------------------------------------------------------------------
>
>
> here the token is url encoded while in reality (on the server at
> http://opensso.in-silico.ch/Pol/opensso-pol) the accepted form is without urlencoding the token.

Please keep in mind that the deliverable may be superseded by later 
versions of the software.
Here is the relevant documentation:
http://www.opentox.org/dev/apis/api-1.2/AA#section-2

> and the result from the non-urlencoded token submission is following
>
>
> ------------------------------------------------------------------------------------
> maxtox@maxtox-desktop:~$ curl -i -X GET
> http://opensso.in-silico.ch/Pol/opensso-pol -H
> "subjectid:AQIC5wM2LY4SfcwYjtLJPwt6fs8ca1Owk5XWByXX3Wn+bX4=@AAJTSQACMDE=#"
> HTTP/1.0 200 OK
> Server: nginx/0.6.32
> Date: Mon, 07 Mar 2011 15:36:58 GMT
> Content-Type: text/plain
> Proxy-Connection: keep-alive
> Content-Length: 1
> ------------------------------------------------------------------------------------
>
> as you can see I could not get the expected: "There were not
> matching policies under realm, /."

I will investigate why this is missing. Please work around that in the 
meantime.

> 2) When I do an authentication like the following I get the result as a
> token.id like so
>
>
> ------------------------------------------------------------------------------------
> maxtox@maxtox-desktop:~$ curl -i -d "username=surajitray" -d
> "password=w3lc0m3"
> http://opensso.in-silico.ch/opensso/identity/authenticate
> HTTP/1.0 200 OK
> Server: nginx/0.6.32
> Date: Mon, 07 Mar 2011 15:31:26 GMT
> Content-Type: text/plain;charset=UTF-8
> Proxy-Connection: keep-alive
> Content-Length: 72
>
> token.id=AQIC5wM2LY4Sfcy24eQG5V7J8Lth75vK3Tdr94/rrc/nBJs=@AAJTSQACMDE=#
> ------------------------------------------------------------------------------------
>
>
> Have I been correct to assume that this token.id is to be used as
> subjectid in the previous step?

Yes.

> If my assumption was correct then could you please remove this
> apparent inconsistency by changing both the variables to the same name
> (either token.id or subjectid) ?

No, since all other OT members use it; therefore this would break 
everything.
I am passing the original SSO output here. I could change it, but we 
would have to agree on that collectively.

> Also in the documentation on the website
> (http://opentox.org/dev/apis/api-1.2/AA) the following is mentioned
>
>
> ------------------------------------------------------------------------------------
>
> Authentication
>
> POST on /auth/authenticate
>
> username
> password
> uri
>
> 200 + token (Valid)
> 401 (Invalid)
>
> Token validation
>
> POST on /auth/isTokenValid
>
> tokenid
>
> 200 + Boolean
>
> Logout
>
> POST on /auth/logout
>
> subjectid
>
> 200 + void
>
> ------------------------------------------------------------------------------------
>
>
>
> As you can see there's a mix of token and tokenid. So we have four
> representations of the same thing: token.id, token, tokenid,
> subjectid?

You are right, but the services you mentioned are the original OpenSSO 
services, which is why I cannot simply change them.
The names are inconsistent (I know).

Best regards
Andreas
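
The encoding mismatch discussed in this thread, as an added example (not part of the original e-mail and not OpenTox or OpenSSO code): a client-side helper that reads `token.id` from an authenticate response and yields the same token in raw or percent-encoded form, so it can be sent as `subjectid` either way. The function names and the sample token are constructed for illustration; it assumes tokens use only base64 characters plus `@` and `#`, as the tokens quoted above do.

```python
import re
from urllib.parse import quote, unquote

# Assumption: a raw token never contains '%', so any %XX sequence
# means the value has already been percent-encoded.
_PCT = re.compile(r"%[0-9A-Fa-f]{2}")

# Constructed sample response body (not a real session token).
SAMPLE_BODY = "token.id=AQICconstructed+Tok/en0=@AAJTSQACMDE=#\n"


def parse_token(body):
    """Extract the token from an authenticate response body ('token.id=...')."""
    for line in body.splitlines():
        # Split on the first '=' only: the token itself contains '='.
        key, sep, value = line.strip().partition("=")
        if sep and key == "token.id":
            return value
    raise ValueError("no token.id line in response body")


def raw_token(token):
    """Return the raw token, whether it was given raw or percent-encoded."""
    token = token.strip()
    # unquote(), not unquote_plus(): a raw '+' must not turn into a space.
    return unquote(token) if _PCT.search(token) else token


def encoded_token(token):
    """Return the percent-encoded token; safe='' also encodes '/'."""
    return quote(raw_token(token), safe="")


def subjectid_header(token, encode=False):
    """Build the subjectid header in the form the target service expects."""
    value = encoded_token(token) if encode else raw_token(token)
    return {"subjectid": value}


if __name__ == "__main__":
    tok = parse_token(SAMPLE_BODY)
    print(subjectid_header(tok))               # raw form
    print(subjectid_header(tok, encode=True))  # percent-encoded form
```

Both helpers are idempotent, so a token copied from documentation in encoded form and one taken straight from the authenticate response end up identical on the wire.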


