WSAccessControl Class

Web service class for working with access control

Inheritance Hierarchy

SystemObject
AppOne.Services.V2BaseService
AppOne.Services.V2.MethodsWSAccessControl

Namespace: AppOne.Services.V2.Methods
Assembly: AppOne.Web.Service (in AppOne.Web.Service.dll) Version: 1.0.141

Syntax

JavaScript

Copy

public class WSAccessControl : BaseService

AppOne.Services.V2.Methods.WSAccessControl = function();

Type.createClass(
	'AppOne.Services.V2.Methods.WSAccessControl',
	AppOne.Services.V2.BaseService);

The WSAccessControl type exposes the following members.

Methods

	Name	Description
	GetSSOEnabled	Returns a GetSSOEnabledOut result model to determine if a customer is SSO enabled.
	GetSSOLink	Returns a GetSSOLinkOut result model.
	GetToken	Returns a GetTokenOut result model

Top

Remarks

This class contains all the necessary methods/operations for working with user access control

Note
Business Rules: Single sign on (SSO) operations will require a shared key in order for the connection to pass. Setup: Configuration > Web Services

Caution
The base SSO calls that return the link for redirection are only available for 2 minutes after that time the link will expire.

Additional SSO Info:

Single sign-on within the time-web system is managed at a client/customer level. Each time web services client (CustomerAlias) must enable SSO services. These services can be enabled by navigating to Configuration > General > Web Services. Once the SSO service is enabled it will generate a private GUID SSO shared key that is unique to that client. This key is then used as one of the parameters in the various methods to retrieve the SSO authentication URL. Please note that any SSO redirect URL that is returned from an SSO service is only valid for a few minutes. If it has not been used then it will become invalid.

Your company may manage its own time-web brand. If this is the case then you would have been given a URL such as https://yourbrand.centralservers.com where "yourbrand" is the name of the brand assigned to your company. If a brand is something that your company has access to then you will have the ability to create a global SSO key that can be used across every client. This will allow you to program your applications with a single SSO key that can be used across multiple clients. It is also important to note SSO does not need to be enabled at the brand level. When you enable SSO at the brand level it basically allows you to enabled access of the shared key GUID across the clients that are part of a brand. The brand can technically not be enabled yet the client SSO will still work, pending it is enabled.

Caution
Single Sign-on is composed of several touch points. For example SSO must initially be enabled in the system configuration and is not dependent of time-web web services being enabled. SSO can also be controlled at an individual employee level allowing one employee to work and another employee not. SSO can also be interrupted by IP requirement checks made in the configuration security menus. When testing your SSO connectivity points be sure that all of the configuration items are enabled correctly.

Caution

Single Sign-on is composed of several touch points. For example SSO must initially be enabled in the system configuration and is not dependent of time-web web services being enabled. SSO can also be controlled at an individual employee level allowing one employee to work and another employee not. SSO can also be interrupted by IP requirement checks made in the configuration security menus. When testing your SSO connectivity points be sure that all of the configuration items are enabled correctly.

Reference

AppOne.Services.V2.Methods Namespace

GetLaborLevelModel