bor_auth

General Purpose

This X-Service is used to obtain the user’s affiliation, if necessary.
User affiliation information can be used for filtering resources, QuickSets, or resource categories. Access to resources in MetaLib is controlled by the affiliation of a user to an institution (mandatory) and optionally to a user group and/or IP.

Enter the user’s ID, password and institution. The response will be a Y/N flag, indicating whether or not the user has a user record in MetaLib. If the response is Y, the user’s affiliation will also be sent.

Flow

  • login – Called once by the calling application with a valid /X user name and password. The session-id retrieved is passed to all other API calls.
  • bor_auth

Input Parameters

1. SOURCE_ID – X(40)
2. VERIFICATION – X(20)
3. INSTITUTE – X(30)
4. SESSION_ID – X(50)

Explanation of the mandatory and optional parameters:
  • source_id – User name of the patron for which the function is performed.
  • verification – Password for the Bor_id/ Source_id.
  • institute – The requested user’s institution.
  • session_id – The session ID is the unique identifier of the login.

Input XML Format

Example:

<?xml version = "1.0" encoding = "UTF-8"?>
<x_server_request>
  <bor_authentication_request>
    <source_id>David</source_id>
    <verification>David</verification>
    <institute>METALIB</institute>
    <session_id>TL6HGNJDJ8A93JCAY39U18LCJ5AM3XX1MMAS343RAHC8M5VATM</session_id>
  </bor_authentication_request>
</x_server_request>

Input URL Syntax

To obtain the user’s affiliation, the appropriate User_name and User_password attributes must be embedded within this URL syntax:

MetalibPath:port/X?op=bor_authentication_request&session_id=Login session id&source_id=name&verification=***&institute=institution

Example URL Syntax

http://ram47:8334/X?op=bor_authentication_request&session_id=TL6HGNJDJ8A93JCAY39U18LCJ5AM3XX1MMAS343RAHC8M5VATM&source_id=David&verification=david&institute=METALIB

Output XML Format

The XML output includes: An indication of whether or not the user is permitted to use X-Services (in the <auth> field).

Valid values:
  • <auth>Y</auth> – The user is authorized. The XML output includes patron number, institute name, and session ID.
  • <auth>N</auth> – The user is not authorized. (or one of the three input parameters is not correct )
  • Bor_Id: Internal borrower ID sequence number (=patron)
Example:
<x_server_response metalib_version="4.00 (20)">
  <bor_authentication_response>
    <auth>Y</auth>
    <bor_id>PATRON51</bor_id>
    <institute>METALIB</institute>
    <user_group></user_group>
    <session_id new_session="N">LADTNRGIA1NY5TP13SBL282516UGSHYS2Y2XNQP9QJ2EGM82G8
       </session_id> </bor_authentication_response> </x_server_response>

Possible Error Codes

1. If the session_id, provided as an input parameter, is not valid, the following error message appears in the XML output:

<error_code>0151</error_code>
<error_text>You are not authorized to use this function</error_text>

This can be caused by not using the session_id returned from the login X-Service.

2. If the present X-Service was activated after the session had timed out:

<error_code>2050</error_code>
<error_text>Session timeout</error_text>

3. If one of the parameters is missing:

<error_code>2038</error_code>
<error_text>Missing element from XML request - " verification ".</error_text>