AuthHandoverState
Introduction and overview
This AuthState is used to replace an authenticated session with the session of another user. This pattern is used, e.g., for co-browsing support, where a call-center agent was authorized to act as the user on the phone.
Description
The following table describes the characteristics of the AuthState.
| Topic | Description |
|---|---|
| Class | ch.nevis.esauth.auth.states.standard.AuthHandoverState |
| Logging | StdStates |
| Auditing | none |
| Properties | none |
| Methods | process (all events) |
| Input | transferhandle (caller, optional)This field contains the handover handle, used to look for the other user's session. The handle can also be sent as an HTTP authorization header: Authorization: Basic <base64encode("transferhandle:" + value) |
| Transitions | ok: Session handover was successful. |
| invalid: No transfer handle was presented or the referenced session was not found. | |
| Output | none |
| Errors | 1: No session found for handle |
| Notes | none |
Example
<AuthState name="Handover" final="false"
class="ch.nevis.esauth.auth.states.standard.AuthHandoverState">
<ResultCond name="ok" next="AuthDone"/>
<ResultCond name="invalid" next="Handover"/>
<Response value="AUTH_ERROR">
<Gui name="ErrorDialog">
<GuiElem name="error" type="error" label="No session to handover" value="9"/>
</Gui>
</Response>
</AuthState>