Business-cXML
view release on metacpan or search on metacpan
lib/Business/cXML.pm view on Meta::CPAN
$tx->add(URL => $self->{local});
foreach my $opt (grep { $_ ne '__handler' } keys (%{ $self->{routes}{$route} })) {
$tx->add('Option', $self->{routes}{$route}{$opt}, name => $opt);
};
};
}
=item C<B<sender_callback>( I<$sub> )>
By default, a request's From/Sender credentials are only used to guess
response credentials. If you specify a callback here, it will be invoked
immediately after XML parsing, before passing to transaction handlers, giving
you an opportunity to authenticate the caller.
Your subroutine will be passed 3 arguments:
=over
=item 1. The current L<Business::cXML> object
=item 2. The Sender L<Business::cXML::Credential> object
lib/Business/cXML/Transmission.pm view on Meta::CPAN
B<Permanent errors:>
=over
=item C<400> Bad Request
Parsed OK but unacceptable
=item C<401> Unauthorized
Request/Sender credentials not recognized
=item C<402> Payment Required
Need complete Payment element
=item C<403> Forbidden
Insufficient privileges
=item C<406> Not Acceptable
t/xml-catalog/cXML-1.2.036/cXML.dtd view on Meta::CPAN
For cXML license agreement information, please see
http://www.cxml.org/home/license.asp
$Id: //ariba/cxml/Modules/Profile.mod#6 $
-->
<!--
AuthRequest
An AuthRequest is used when one party (the "receiver") receives
credentials from another party (the "principal") and the receiver
needs a trusted third party to validate the credentials. The
receiver should enclose the credentials in an AuthRequest and send
them to the trusted third party for validation.
If the principal attempts to authenticate by revealing the shared
secret between itself and the trusted third party (not
recommended), the receiver should forward the credentials as they
were received, including the shared secret.
If the principal attempts to authenticate through a client
certificate (recommended), the receiver should forward the
credentials as well as an X509Data element containing an
X509IssuerSerial element describing the certificate used by the
principal (the receiver normally obtains this information from its
webserver or SSL/TLS implementation).
If the supplied credential is invalid, the trusted third party
should respond with an empty cXML response of status 403
(Forbidden). If the supplied credential is valid, the trusted
third party should respond with an AuthResponse that contains the
valid credentials.
-->
<!ELEMENT AuthRequest (Credential+, X509Data?)>
<!--
X509Data
An X509Data element is constructed to describe an X.509 client
certificate being used for authentication. This element (and its
children) are derived from the XML Digital Signature standard ().
-->
t/xml-catalog/cXML-1.2.036/cXML.dtd view on Meta::CPAN
X509CRL
This element contains a Base 64-encoded X.509v3 Certificate
Revocation List.
-->
<!ELEMENT X509CRL (#PCDATA)> <!-- string -->
<!--
AuthResponse
This response returns a list of valid credentials of the person
entity in the AuthRequest. An AuthResponse is returned only for a
successful authentication; for failed authentications, an empty
response with status 403 (Forbidden) will be returned.
expirationDate
Specifies the time beyond which the information contained in
the AuthResponse must be discarded. In other words, the
inclusion of the expirationDate attribute specifies that the
receiver of the AuthResponse may cache the information therein
until the expirationDate.
( run in 0.431 second using v1.01-cache-2.11-cpan-a5abf4f5562 )