When users access the protected iServer services, each
request related with the services resources should carry a valid Token.
Users can apply Token from iServer by the following steps.
- Login to the url http://localhost:8090/iserver/services/security/login
- Enter service list page (http://SuperMapiServer:8090/iserver/services).
Click Token option in username's dropdown list. It
will jumpt to http://SuperMapiServer:8090/iserver/services/security/tokens
(Access
local service).
- Input related parameters and click Create
Token to get Token:
User Name: account
registered and has the permission to access services.
Password: user
password.
Grant Token Method:
include the following 4 types
- HTTP Referer: specify the client end address
using Token, that is, GIS service client end homepage services. This
method could bind the URL for accessing services. When users access
GIS services using other URL, the request will be rejected even though
carries Token. This method is applicable to build Web application
by iClient (E.g., SuperMap iClient for JavaScritp) or other applications
based on REST.
- Client IP: specified IP address to use Token.
This method binds the IP address accessing GIS services. When users
access GIS service using other IP address, server will reject even
though carries Token.
- Current request IP: specify current IP address
sending request is an IP address using Token. In this way, only the
IP applying for Token can use Token.
- NONE: No limitations for the token
Validity: the
Token is valid during the duration time from Token issued time. Token
with shorter validity is safer, because a malicious user intercepted Token
can be used only within a short period of time. However, short validity
means that the application needs to request new Token more frequently.
Users can apply Token by many presentation formats,
see REST
API.