dacs_current_credentials

DACS_CURRENT_CREDENT(8)     DACS Web Services Manual     DACS_CURRENT_CREDENT(8)



NAME
       dacs_current_credentials - display DACS credentials

SYNOPSIS
       dacs_current_credentials [dacsoptions[1]]

DESCRIPTION
       This program is part of the DACS suite.

       The dacs_current_credentials web service provides information about the
       credentials that accompany the request and the identities described by
       those credentials. It can be used to determine whether credentials are
       valid, confirm who they belong to, find out which roles are associated
       with the credentials, and so on.

       If user activity[2] data is available, dacs_current_credentials can also
       return information for the identity associated with each valid set of
       credentials, including the time of the last sign on and a description of
       any sign-on that is still "active" (i.e., has not expired and was not
       signed off). This information can be useful for detecting unauthorized
       account access, regardless of the authentication method used, and other
       potentially problematic activity.

       The FORMAT argument[3] determines the type of output, with the default
       being HTML, using the style sheet dacs_current_credentials.css[4]. If XML
       output is selected, a document conforming to
       dacs_current_credentials.dtd[5] is returned, which supplies additional
       information. The JSON format (RFC 7159[6]) is also recognized. The
       previous_auth and active_auth elements appear only when user activity
       tracking data is accessible. The previous_auth element is empty if there
       are not two or more records of authentication activity for the associated
       identity. For a given identity, an active_auth element is present for
       each authentication event for which there is no corresponding sign off
       event, other than the most recent one, and for which the issued
       credentials have not expired - these are "active sessions".
       Reauthentication as the same identity does not create a sign off event,
       however, and signing off (e.g., via dacs_signout(8)[7]) does not
       necessarily mean that a user agent has destroyed credentials (though that
       is normally the case). Also, a user can unilaterally destroy credentials
       (e.g., by terminating a browser session or removing cookies manually), so
       not all active sessions necessarily exist.

OPTIONS
   Web Service Arguments
       dacs_current_credentials accepts the following arguments in addition to
       the standard CGI arguments[8].

       DETAIL
           If "yes", this optional argument requests additional information. It
           is recognized only in conjunction with XML format output. By default,
           this argument can only be used by a DACS administrator (see
           dacs_admin()[9]). The activity tracking information is returned only
           if detail is requested.

EXAMPLE
       After authenticating[10] as DSS::INFOCARDS:bob, invoke
       dacs_current_credentials (HTML)[11] to view the identity (or identities)
       stored as a cookie in your browser. Information about the credentials can
       also be returned as XML[12].

FILES
       dacs_current_credentials.css[4]

DIAGNOSTICS
       The program exits 0 if everything was fine, 1 if an error occurred.

SEE ALSO
       dacs_authenticate(8)[13], dacs_signout(8)[7]

AUTHOR
       Distributed Systems Software (www.dss.ca[14])

COPYING
       Copyright © 2003-2015 Distributed Systems Software. See the LICENSE[15]
       file that accompanies the distribution for licensing information.

NOTES
        1. dacsoptions
           http://dacs.dss.ca/man/dacs.1.html#dacsoptions

        2. user activity
           http://dacs.dss.ca/man/dacs.1.html#tracking_user_activity

        3. FORMAT argument
           http://dacs.dss.ca/man/dacs.services.8.html#FORMAT

        4. dacs_current_credentials.css
           http://dacs.dss.ca/man//css/dacs_current_credentials.css

        5. dacs_current_credentials.dtd
           http://dacs.dss.ca/man/../dtd-xsd/dacs_current_credentials.dtd

        6. RFC 7159
           https://tools.ietf.org/html/rfc7159

        7. dacs_signout(8)
           http://dacs.dss.ca/man/dacs_signout.8.html

        8. standard CGI arguments
           http://dacs.dss.ca/man/dacs.services.8.html#standard_cgi_args

        9. dacs_admin()
           http://dacs.dss.ca/man/dacs.exprs.5.html#dacs_admin

       10. authenticating
           https://dacs.dss.ca/cgi-bin/dacs/dacs_authenticate?USERNAME=bob&PASSWORD=foozle&DACS_JURISDICTION=INFOCARDS&AUXILIARY=&DACS_BROWSER=1&COOKIE_SYNTAX=COOKIE_NETSCAPE

       11. invoke dacs_current_credentials (HTML)
           https://dacs.dss.ca/cgi-bin/dacs/dacs_current_credentials?FORMAT=HTML

       12. returned as XML
           https://dacs.dss.ca/cgi-bin/dacs/dacs_current_credentials?FORMAT=XML&DETAIL=yes

       13. dacs_authenticate(8)
           http://dacs.dss.ca/man/dacs_authenticate.8.html

       14. www.dss.ca
           http://www.dss.ca

       15. LICENSE
           http://dacs.dss.ca/man/../misc/LICENSE



DACS 1.4.40                        02/19/2019            DACS_CURRENT_CREDENT(8)