User authentication

Storage Advisor Embedded User Guide

Version
93-07-2x
88-08-12
Audience
anonymous
Part Number
MK-97HM85022-25

User authentication is required to operate the storage system. To perform user authentication, the Authorization header must be specified.

Authentication by user ID and password

When you create a session, specify authentication information in the following format in the Authorization header:

Authorization: Basic authentication-information
authentication-information
Specify a Base64-encoded character string in which the user ID and password are concatenated with a colon (:). Use the user ID and password of a user account that can perform operations on storage system resources.

When using the REST API, you can use the characters in the following table for the user ID and password.

Item

Number of characters

Specifiable characters

User ID

1 through 63 characters

  • Alphanumeric characters
  • The following symbols:

    Exclamation mark (!), hash mark (#), dollar sign ($), percent sign (%), ampersand (&), single quotation mark ('), asterisk (*), plus sign (+), hyphen (-), period (.), forward slash (/), equal sign (=), question mark (?), at sign (@), caret (^), underscore (_), grave accent mark (`), left curly bracket ({), vertical bar (|), right curly bracket (}), tilde (~)

Password

6 through 63 characters

  • Alphanumeric characters
  • ASCII symbols which can be keyed in except space:

    Exclamation mark (!), quotation mark ("), hash mark (#), dollar sign ($), percent sign (%), ampersand (&), single quotation mark ('), left parenthesis ((), right parenthesis ()), asterisk (*), plus sign (+), comma (,), hyphen (-), period (.), forward slash (/), colon (:), semicolon (;), left angle bracket (<), equal sign (=), right angle bracket (>), question mark (?), at sign (@), left square bracket ([), back slash (\), right square bracket (]), caret (^), underscore (_), grave accent mark (`), left curly bracket ({), vertical bar (|), right curly bracket (}), tilde (~)

Note:

The number of characters and the strings that can be used differ depending on the password policy. For details, see the section explaining password policies in the System Administrator Guide.

The following is an example of the Authorization header where the user ID is sample-user, and the password is sample-password:

Authorization: Basic c2FtcGxlLXVzZXI6c2FtcGxlLXBhc3N3b3Jk

Authentication by sessions

In the Authorization header, specify the authentication information for the session in the following format:

Authorization: Session token
Token
A token is authentication information that is returned after a session is created. This information is used to determine whether the request was issued from an authorized user.

Example of the Authorization header:

Authorization: Session b74777a3f9f04ea8bd8f09847fac48d3

In the REST API, session-based user authentication is performed. A session is always generated first when a REST API client accesses the REST API server and starts an operation. In the request that generates a session, the user ID and password are used for authentication to access the storage system. After a session is created, specify session information for the Authorization header to perform authentication based on the session information.

Request line:

POST base-URL/v1/objects/sessions

Response message:

{
  "token": "b74777a3f9f04ea8bd8f09847fac48d3",
  "sessionId": 3
}