.. _login_xml_services:
Login and Logout services
=========================
Login services
--------------
.. index:: xml.user.login
.. _xml.user.login:
GeoNetwork standard login (xml.user.login)
``````````````````````````````````````````
The **xml.user.login** service is used to
authenticate the user in GeoNetwork. Authenticated users can use XML services
that require authentication such as those used to maintain
group or user information.
Request
^^^^^^^
Parameters:
- **username** (mandatory): Login for the user to authenticate
- **password** (mandatory): Password for the user to authenticate
Login request example::
Url:
http://localhost:8080/geonetwork/srv/en/xml.user.login
Mime-type:
application/xml
Post request:
adminadmin
Response
^^^^^^^^
When user authentication is successful HTTP status code 200 is returned along with an XML response as follows::
If the response headers are examined, they will look something like the following:::
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: JSESSIONID=1xh3kpownhmjh;Path=/geonetwork
Content-Type: application/xml; charset=UTF-8
Pragma: no-cache
Cache-Control: no-cache
Transfer-Encoding: chunked
The authentication process sets the **JSESSIONID** cookie with the authentication token. This token should be sent as part of the request to all services that
need authentication.
If the execution of the login request is not successful then an HTTP 500 status code error is returned along with an XML document that describes the exception/what went wrong. An example of such a response is:::
User login failedUserLoginExenuser.login
See :ref:`exception_handling` for more details.
Errors
^^^^^^
- **Missing parameter (error id: missing-parameter)**, when
mandatory parameters are not send. Returns 500 HTTP code
- **bad-parameter XXXX**, when an empty username or password
is provided. Returns 500 HTTP code
- **User login failed (error id: user-login)**, when login
information is not valid. Returns 500 HTTP code
Logout service
--------------
.. index:: xml.user.logout
Logout (xml.user.logout)
````````````````````````
The **xml.user.logout** service clears the user authentication session, removing the **JSESSIONID** cookie.
Request
^^^^^^^
Parameters:
- **None**:This request requires no parameters however the **JSESSIONID** token obtained from ``xml.user.login`` should be included as this is the session that will be cleared..
Logout request example::
Url:
http://localhost:8080/geonetwork/srv/en/xml.user.logout
Mime-type:
application/xml
Post request:
Response
^^^^^^^^
Logout response example::