+xns/Session
Message: Authenticate

+xns/Core/XNSObject
   |
   +--+xns/Core/Message
         |
         +--+xns/Session/Authenticate


Produces authentication credentials for the current browser session. If no session exists, the user is asked to login. The result of sending this message will be a subsequent +xns/Session/SubmitAuthCert message posted to the MerchantURI specified in the message. This message usually originates from the merchant, is sent to a central session service, then forwarded to the authentication authority by the session service. Upon successful authentication, an AuthCert is created for the merchant and sent to the merchant URI with the +xns/Session/SubmitAuthCert message.

To: If specified, this is the identity to send the request to. If unspecified, authentication will be forwarded to the merchant's preferred authentication authority.
From: The originator of the message. This may be the originating merchant, the central session service, or a forwarding AA.


 

Input
+xns/Core/URI LogoutURI URI at the merchant site used to inform the merchant the user is logged out.
+xns/Core/IdentityAddress MerchantAddr The merchant's registered XNS address.
String MerchantName Display name for the merchant originating the request.
+xns/Core/URI MerchantURI URI of the merchant's session service.
+xns/Core/URI PreferredAA URI of the session service for the merchant's preferred authentication authority.
+xns/Core/URI SessionURI URI of the central session service used to define the browser session.
 

Input Detail

LogoutURI

URI at the merchant site used to inform the merchant the user is logged out. See +xns/Session/LogoutNotify.  

DataType: +xns/Core/URI
 


MerchantAddr

The merchant's registered XNS address. The resulting +xns/Session/SubmitAuthCert message will have this in its To element, and the contained AuthCert element will be encrypted using the public key of this XNS identity.  

DataType: +xns/Core/IdentityAddress
 


MerchantName

Display name for the merchant originating the request. This name will be displayed to the user during logout, and should be language specific to the user (if the user's language is known).  

DataType: String
 


MerchantURI

URI of the merchant's session service. This URI will be used for posting the resulting +xns/Session/SubmitAuthCert message.  

DataType: +xns/Core/URI
 


PreferredAA

URI of the session service for the merchant's preferred authentication authority. If the user is not logged in, and has not specified his XNS name in the To element of the message, and has no browser plugin for capturing authentication requests, then the user will be sent to this URI for authentication. The AA will accept the user's authentication credentials, and may offer the user a chance to register at that AA if the user has no other XNS primary identity. The user may be directed to another AA if his primary XNS identity is not hosted at this AA.  

DataType: +xns/Core/URI
 


SessionURI

URI of the central session service used to define the browser session. The merchant sends the originating message to this URI. The authentication authority sends the +xns/Session/LoginNotify message to this URI.  

DataType: +xns/Core/URI
 


 

Publishing Identity: +xns
© 2002 XNSORG
Last Updated: 07/09/2002