Login requests for the Xephr server proceed as follows:
The caller request provides Xephr user, Xephr password and Xephr host (either explicitly from Xephr Studio, or implicitly in the URL used to make the request).
The host configuration for the Xephr host is examined and the repository associated with that host is determined.
The repository configuration is located and a connection pool for the appropriate data store is created if not already present.
A connection to the metadata repository data store is acquired.
The default datasource name is read from the repository configuration record and stored.
The xephr users table is read to determine whether the user exists, and if the provided password is correct. If not, an error is returned to the caller.
The user's role tokens, datasource overrides and global value presets are read and stored.
The action requested by the caller may require a token (permission) before it can proceed. If so, then the user's role tokens are examined and if the required token is present, the action proceeds and if not, the action request is refused and an error message returned to the caller.
Xephr is a registered trademark of NDS Systems, LC.
Copyright