General Overview

---

Product Info	XDOC 5200
Last Update	January 10, 2013

This document provides the specification for the XDOC User Authentication Remote Service API, which is used to integrate 3rd party system user authentication with XDOC. Throughout this document, references to the 3rd party system will be called the External System. XDOC has an intelligent User Security Framework that simultaneously allows both internally managed users and externally managed users to access the XDOC software. Regardless of whether a user is internally managed or externally managed, once the user is authenticated and logged onto XDOC, all subsequent security policies for that logon session are managed appropriately by XDOC security profiles, roles, and other security configuration. The primary component of the XDOC User Security Framework used for user authentication is the XDOC User Authentication Provider interface specification called: IXAuthProvider. This interface defines a small set of methods that XDOC invokes as needed to authenticate user credentials and lookup user objects an External System. XDOC includes 3 built-in implementations of the Authentication Provider interface that allow it to integrate user authentication with nearly any External System.

1. Database Authentication Provider: Allows the definition of a database connection string, and a set or queries or stored procedures used to validate credentials and lookup user information.
2. LDAP Authentication Provider. Allows the definition of an LDAP connection, and a mapping of user object attributes and security groups in the LDAP system with XDOC user attributes and security profiles.
3. Http Service Authentication Provider: Allows the definition of HTTP URL endpoints that correspond to each method in the User Authentication Provider interface. These URLs are configurable both in the method and names of parameters passed, as well as interpreting / parsing the result data to extract the user object information.

This document is divided into the following sections:

	SECTION	DESCRIPTION
S1	User Security Overview	Provides an explanation of the XDOC security model, as well as how XDOC processed user authentication with External Systems.
S2	Service Method Listing	Listing of the Methods / URL endpoints that XDOC will invoke in the External System.
S3	Method Result Data Fields	Lists the User attributes and other data fields expected to be included in the Method result data.
S4	Security Token and Security Considerations	Additional security mechanisms to prevent unauthorized access.