Authentication
This section describes the most common forms of authentication that is used in deployments for Maximo Asset Management and how to use the REST APIs for those authentication schemes.
Maximo native authentication
With native authentication, Maximo Asset Management is configured to manage the user repository along with the user credentials. Maximo Asset Management is responsible for authenticating the incoming REST call. The REST API expects the HTTP request with a MAXAUTH request header that has a base64 encoded userid:password. The following example shows a sample request:
POST /oslc/loginmaxauth: <base64 encoded user:pass><no body required>
LDAP based authentications
With LDAP based authentication, authentication for Maximo Asset Management is managed and validated by the application server.
BASIC
With BASIC authentication, authentication credentials in the application server are presented in the following format:
POST /oslc/loginAuthorization: BASIC <base64 encoded user:pass><no body required>
FORM
With FORM authentication, authentication credentials are presented in the following format:
POST /j_security_checkContent-type: application/x-www-form-urlencodedj_username=<userid>&j_password=<password>
Since this FORM request is a form encoded POST, the user ID and password values need to be URL encoded values. The response for this request will have the jsessionid cookie along with Ltpa token cookies (for Websphere). These cookies need to be reused for the subsequent API calls.
It is recommended for all authentication schemes that the authenticated session is reused for subsequent REST API calls by replaying the session and authentication based cookies from a successful authentication response. This helps with performance as the subsequent API calls reuse the session and does not need to reauthenticate for every request.
Sample JAVA client code for each of these authentication schemes can be referenced from the MaximoConnector.java code (method setAuth(..)) in the Maximo Connector code.