<services_uri>/security/tokens[.<format>]
Get the Token of the protected service according to the user information. After getting the Token, a user can Access Protected REST Service Resource based on Token.
For information about Token, please refer to Token-based Authentication.
Supported Methods:
Supported output formats: rjson, json, html, xml.
Execute the HTTP request on the following URI, where supermapiserver is the server name, with rjson being the output format.
http://supermapiserver:8090/iserver/services/security/tokens.rjson
Return the form the applies and gets Token.
Input user information to apply for Token.
Following arguments need to be included while applying for Token.
| Name | Type | Description |
| userName | String | [Required parameter] The authenticated user name to apply for the token. |
| password | String | [Required parameter] The user password. |
| clientType | enum | [Required parameter] The way to issue the token. 4 values are supported, corresponding 4 ways for issuing tokens: IP, the specified IP address; Referer; the specified URL; RequestIP, the IP of the client sending the request; NONE, none verification will be executed. |
| ip | String | Required when clientType=IP. Pass corresponding IP if the token will be applied by specifying the IP. |
| referer | String | Required when clientType=Referer. Pass corresponding URL if the token will be applied by specifying the URL. |
| expiration | long | [Required parameter] The validity period of the token, starting from the time the token was issued, in min. |
If the user name, password you entered are correct, a string which is the Token which contains user's permission will be returned.
If the user name, password you entered are verified failed, the structure of the response as shown below will be returned:
| Name | Type | Description |
| succeed | boolean | Operation successes or fails, false if fails. |
| error | HttpError | If the user name or password is incorrect, an error message is returned with a response code of 400. |
Execute the POST request on the tokens resource http://localhost:8090/iserver/services/security/tokens.rjson. The following arguments are passed in.
{
"userName": "user1",
"password": "secret",
"clientType": "RequestIP",
"expiration": 60
}
The rjson format returned is as follows:
9AUyV9QOpTARW-Zj1yybXdjHgQvgWtmeQKNPQ43jSjfO3ELFpjKmeCRUuVwrLGfCLNIkJpq5KpVWOn8HwWehhg..
Asks for the response identical to the one that would correspond to a GET request, but without the response body. This is useful for retrieving meta-information written in response headers, without having to transport the entire content. The meta-information includes the media-type, content-encoding, transfer-encoding, content-length, etc.
HEAD request can be used to check if the tokens resource exists, or if the tokens resource can be accessed by clients. It can also determine if the tokens resource supports an output format <format> if performed on a URI with .<format> included.