Verifying CA Strong Authentication Tokens
The CA Strong Authentication Authentication SDK provides an appropriate token to the end user after they authenticate successfully. The token is then presented to the CA Strong Authentication Server, indicating that the user is authenticated and can be provided access to the protected resources.
By using the Authentication Web service, you can specify whether the token has to be returned after authentication or not. In addition, you can also specify the type of the token that must be returned after authentication. The verifyAuthToken method specifies the return token type and supports the following types of tokens:
- Native Tokens: Specify this type when a CA-proprietary (or Native) token is required after successful authentication. This token can be used multiple times before it expires.
- One-Time Tokens: Specify this type when a one-time token is required after successful authentication. This token can be used only one time before it expires.
- SAML Tokens: Security Assertion Markup Language (SAML) is an open standard, which specifies the format of the authentication data exchanged between security domains. The Native, Default, and One-Time tokens issued by CA Strong Authentication can only be interpreted by the CA Strong Authentication Server, but the SAML tokens issued by the CA Strong Authentication Server can be interpreted by any other authentication system. CA Strong Authentication supports 1.1 and 2.0 versions of SAML:
  - SAML 1.1 Tokens: Specify this type of token when you are using a custom (non-CA Strong Authentication) authentication mechanism that needs SAML 1.1 tokens after successful authentication.
  - SAML 2.0 Tokens: Specify this type of token when you are using a custom (non-CA Strong Authentication) authentication mechanism that needs SAML 2.0 tokens after successful authentication.
- Default Tokens: Specify this type of token when the default token configured at the server is to be requested after successful authentication.
- Custom: Specify this type of token when you are performing custom credential authentication.
CA Strong Authentication Server can verify only the Native and One-Time tokens that are issued to the users. The authentication token must be verified in cases when you use the token for Single Sign-On, wherein you authenticate the user once and allow them to use multiple resources using the same authentication token.
To verify if a token is valid or not:
- (Optional) If you are implementing a plug-in, then invoke the setAdditionalInput() method in the AdditionalInput class to obtain an object that implements the class. See "Preparing Additional Input" for more information.
- Invoke the verifyAuthToken() method in the Authentication class to verify the token of the user. This method returns an instance of the AuthTokenResponse interface, which provides the credential and transaction details.
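The reuse rules described above (Native tokens verify repeatedly until they expire, One-Time tokens verify once, SAML tokens are not verified by the server) can be modeled as follows. This is an added example, not CA code and not the SDK's API: `TokenStore`, `issue`, `verify`, the type labels and the 300-second lifetime are all hypothetical.

```python
import secrets
import threading
import time

# Type labels are assumptions for this model, not SDK constants.
NATIVE, ONE_TIME, SAML_2_0 = "NATIVE", "ONE_TIME", "SAML_2_0"
VERIFIABLE = {NATIVE, ONE_TIME}  # per the page, the server verifies only these

class TokenStore:
    """Toy in-memory model of server-side token verification."""

    def __init__(self, clock=time.monotonic):
        self._clock = clock
        self._lock = threading.Lock()
        self._tokens = {}  # token -> (user, token_type, expires_at)

    def issue(self, user, token_type, ttl_seconds):
        token = secrets.token_urlsafe(32)  # unguessable opaque value
        if token_type in VERIFIABLE:  # SAML is checked by the relying party instead
            with self._lock:
                self._tokens[token] = (user, token_type, self._clock() + ttl_seconds)
        return token

    def verify(self, token):
        """Return the user for a valid token, or None."""
        with self._lock:  # lookup and consume atomically so a concurrent replay fails
            entry = self._tokens.get(token)
            if entry is None:
                return None
            user, token_type, expires_at = entry
            if self._clock() >= expires_at:
                del self._tokens[token]
                return None
            if token_type == ONE_TIME:
                del self._tokens[token]  # single use: consumed on first success
            return user

def demo():
    now = [0.0]  # constructed clock so expiry is deterministic
    store = TokenStore(clock=lambda: now[0])
    native, one_time, saml = (store.issue("alice", t, 300)
                              for t in (NATIVE, ONE_TIME, SAML_2_0))
    first = [store.verify(t) for t in (native, one_time, saml)]
    second = [store.verify(t) for t in (native, one_time, saml)]
    now[0] = 301.0  # past the 300 s lifetime
    return first, second, store.verify(native)
```

In a Single Sign-On flow, each protected resource would make the equivalent of the `verify` call before granting access, which is why a One-Time token cannot serve several resources while a Native token can.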