bor_auth
General Purpose
This X-Service is used to obtain the user’s affiliation, if necessary.
User affiliation information can be used for filtering resources, QuickSets, or resource categories. Access to resources in MetaLib is controlled by the affiliation of a user to an institution (mandatory) and optionally to a user group and/or IP.
Enter the user’s ID, password and institution. The response will be a Y/N flag, indicating whether or not the user has a user record in MetaLib. If the response is Y, the user’s affiliation will also be sent.
Flow
- login – Called once by the calling application with a valid /X user name and password. The session-id retrieved is passed to all other API calls.
- bor_auth
Input Parameters
- source_id – User name of the patron for which the function is performed.
- verification – Password for the Bor_id/ Source_id.
- institute – The requested user’s institution.
- session_id – The session ID is the unique identifier of the login.
Input XML Format
Example:
<?xml version = "1.0" encoding = "UTF-8"?> <x_server_request> <bor_authentication_request> <source_id>David</source_id> <verification>David</verification> <institute>METALIB</institute> <session_id>TL6HGNJDJ8A93JCAY39U18LCJ5AM3XX1MMAS343RAHC8M5VATM</session_id> </bor_authentication_request> </x_server_request>
Input URL Syntax
To obtain the user’s affiliation, the appropriate User_name and User_password attributes must be embedded within this URL syntax:
MetalibPath:port/X?op=bor_authentication_request&session_id=Login session id&source_id=name&verification=***&institute=institution
Example URL Syntax
http://ram47:8334/X?op=bor_authentication_request&session_id=TL6HGNJDJ8A93JCAY39U18LCJ5AM3XX1MMAS343RAHC8M5VATM&source_id=David&verification=david&institute=METALIB
Output XML Format
- <auth>Y</auth> – The user is authorized. The XML output includes patron number, institute name, and session ID.
- <auth>N</auth> – The user is not authorized. (or one of the three input parameters is not correct )
- Bor_Id: Internal borrower ID sequence number (=patron)
<x_server_response metalib_version="4.00 (20)"> <bor_authentication_response> <auth>Y</auth> <bor_id>PATRON51</bor_id> <institute>METALIB</institute> <user_group></user_group> <session_id new_session="N">LADTNRGIA1NY5TP13SBL282516UGSHYS2Y2XNQP9QJ2EGM82G8 </session_id> </bor_authentication_response> </x_server_response>
Possible Error Codes
1. If the session_id, provided as an input parameter, is not valid, the following error message appears in the XML output:
<error_code>0151</error_code> <error_text>You are not authorized to use this function</error_text>
This can be caused by not using the session_id returned from the login X-Service.
2. If the present X-Service was activated after the session had timed out:
<error_code>2050</error_code> <error_text>Session timeout</error_text>
3. If one of the parameters is missing:
<error_code>2038</error_code> <error_text>Missing element from XML request - " verification ".</error_text>