Using Connect Enterprise Web Services 
Login and requests > Log in from an application > Log in to Enterprise Server

Log in to Enterprise Server

The standard technique for logging a user in to Enterprise Server uses the login action, passing the user's login ID and password. This technique works with both HTTP GET and POST requests.

You also need to manage the BREEZESESSION cookie the server returns for each user session. If you use a client-side cookie management library, it is much easier to allow it to manage cookies for you than to manage the cookies yourself. If you do not have such a library, call login with the session parameter, as it is easier and more reliable than setting HTTP header values.

NOTE

 

: If you send user passwords to Enterprise Server, use SSL so passwords are encrypted in transit, even if you have a licensed Enterprise Server within your own firewall.

Log in with cookie management

  1. Call the login action, passing it the user's login ID and password, but no session parameter:
    http://example.com/api/xml?action=login&login=bobs@acme.com
        &password=football
  2. Parse the response for a status code of ok.

    If the login is successful, the server returns the BREEZESESSION cookie in the response header:

    Set-Cookie: BREEZESESSION=breezbryf9ur23mbokzs8;domain=.macromedia.com;path=/
  3. Allow your cookie management library to manage the BREEZESESSION cookie.

    Your client-side library passes the cookie back to the server in a request header on subsequent calls for the remainder of the user's session. You do not need to set the cookie in the request header explicitly. When the user logs out, the cookie expires.

Log in using the session parameter

  1. Before you log the user in, call common-info to get the value of the BREEZESESSION cookie:
    http://example.com/api/xml?action=common-info
  2. Extract the cookie value from the response:
    <cookie>breezxq66rt43poai3if8</cookie>
  3. Log the user in, specifying the cookie value:
    http://example.com/api/xml?action=login&login=bobs@acme.com
        &password=football&session=breezxq66rt43poai3if8
  4. Parse the response for a status code of ok.
  5. Use the session parameter with the same cookie value on subsequent calls for the user, until the user's session ends:
    https://example.com/api/xml?action=principal-list
        &session=breezxq66rt43poai3if8
  6. When the user logs out or the user's session ends, do not reuse the cookie value.


Take a survey


 

Send me an e-mail when comments are added to this page | Comment Report

Current page: http://livedocs.adobe.com/breeze/6/xml_api/02_logi3.htm