User Manager

System and Message Overviews

Document Version: 5.2

Date: March 19, 2014


Copyright © 2009-2023 Jeppesen. All rights reserved. Your use of the AIM Bookshelf and all supporting documentation is subject to a separate license agreement between you and Jeppesen, a copy of which is included in the zip file or can be obtained from Jeppesen. The AIM Bookshelf is delivered "AS IS" without warranty of any kind and is not guaranteed to be free from errors or defects. You rely on the AIM Bookshelf at your own risk. No support for the AIM Bookshelf is implied through its publication. The AIM Bookshelf is intended solely for use as a reference and examples of interfaces to Jeppesen systems. Jeppesen may revise, update or cease publication at any time, without notice. Building to the specifications set forth in the AIM Bookshelf does not mean that your intended integration needs will be met or that an interface will function as documented. We recommend contacting Jeppesen directly to discuss professional services options with respect to production application integration and validation efforts.

 


Document Revision History

The following revision history table reflects all substantive changes to this document.

Date

Description of Updates Made

04-August-08

No changes since previous release.

01-October-09 Updates to UM001.
31-March-10

Updates to UM001.

31-July-10 Updated UM001 from DRAFT to version 1.
30-August-10 Updated links for new Bookshelf directory structure.
23-July-13 New XSD.
19-March-14 New XSD. Upgraded UM001 to v2, and UM002 to vB to change "corporteCode" from 7 char length, to 80 char length.


Table Of Contents

 


1 Introduction

This document defines the interfaces which govern the interchange of data between a User Manager system and other systems within an Airline Operation Center (AOC).  Each AOC interface is represented by a message described in an associated XSD (XML Schema Definition). The XSD defines and enforces the required, optional, and conditional data that can be included in a message.

 User Manager system is an AOC shared service for managing users as well as application roles and permissions.

1.1  Audience

The intended audience for this document includes existing and potential Jeppesen customers, integration partners, and personnel with roles associated with application architecture, application development, system testing, implementation, and application support within User Manager.

1.2  Scope

This document discusses the User Manager messages currently supported by the Jeppesen Solution Integrator. Each message description includes the following:

  • Overview for common message uses within an AOC
  • Message Version Summary listing all available versions of each message
  • Links to the message specifications including direct links to XSD documentation, where you can explore the XSD hierarchy and interface specifications in a navigable HTML format
  • Links to the XSD source code
  • Links to sample XML messages for each AOC message

Other data interfaces or formats not included in this document will be considered custom and not supported.

1.3  XML Schema/XSD

The XML schema for this ICD is published in the following file: UserManagement.xsd

2  Message Summary

Table 2-1 lists the messages that can be sent or handled by the application. The messages originated by this application (messages that begin with “UM”) are further discussed in Section 3 AOC Interface Messages.

Table 2-1 Message Summary

ID

Message

Publish

Subscribe

Request

Response

UM001

User Login

 

 

X

X

UM002

Change Password

 

 

X

X

 

3 AOC Interface Messages

The following messages are processed by the User Manager system.

NOTE: When a user is created using the User Manager, the user's password is stored in the database using MD5 encryption. The value of the password element of LoginType elements in UM messages (UM001, UM002) must already be MD5 encrypted by the client product.  Authentication is based on an exact match between the two strings. To ensure client products can reproduce the encrypted password string created by the User Manager application, client products should follow these guidelines:

  • Use a MD5 hashing library that adheres to Request for Comments: 1321, MIT Laboratory for Computer Science and RSA Data Security, Inc., April 1992
  • Only the user's password should be used to compute the hash
  • The range of byte values of characters in the password (prior to encryption) should be 0x20 to 0x7E (ISO 8859-1 alphanumeric characters)
  • The encrypted string should be a 24-character Base64-encoding of a 16-byte MD5 digest

Example: the password abcd1234 should be represented by the encrypted string: 4Z1c1a8DeNoF9j+JHHRnrw==

3.1 UM001 – User Login

3.1.1  Message Overview

AOC User Manager provides a single interface through which AOC administrators can create users and manage their access to all integrated applications within an Airline Operation Center. With this behind-the-scenes application, user accounts are created and configured to allow role-based access to any product in their AOC. The end-users of various products within an AOC log onto a product through the product’s standard logon screen, the product sends a message to AOC User Manager to authenticate the user, and then AOC User Manager returns the end-user’s specific permissions and settings for that product.

This message features both a Request (from a product to User Manager) and a Response (from User Manager back to the product).

UM001 Request:
Products send the UM001 Request message to User Manager upon the user’s initial logon. The message contains all of the information required to authenticate that user including the user’s username and password. For example, John Smith logs onto OPSControl, and OPSControl sends a UM001 Request message to User Manager containing his authentication information.

UM001 Response:
After receiving the Request message from a product, AOC User Manager sends the UM001 Response which validates that the user has permission to access the product, and includes the user’s roles and configurable elements as defined in the AOC User Manager application. For example, after OPSControl sends the UM001 Request, User Manager constructs a Response message that states John Smith is a valid user, attaches the pre-defined role of Dispatcher, and includes the list of other elements configured specifically for the user (John Smith), role (Dispatcher), airline (Jepp Airs) and corporation (Jeppesen). If the user has entered incorrect logon information or does not have permission to access the product, then the UM001 Response will contain the appropriate error.

3.1.2  Message System Flow

This message interacts with the systems as shown in Figure 1.

UM001 message system flow

Figure 1. UM001 message system flow

3.1.3   Message Details

The following table provides details on the message version and includes links to the message’s technical specification.

Message Version

UM001 v2

Message Header Details (REQUEST/RESPONSE)

msgName: UM001
msgClass: REQUEST/RESPONSE
version: 2

Message Specification

UM001 UserLoginRequestType
UM001 UserLoginResponseType

Defined in XSD

UserManagement.xsd

Sample Messages

Samples not yet available for this message version.

Message Version History Version 1
* No changes.

Version 2
* Changed "corporteCode" from 7 char length, to 80 char length.

 

3.2 UM002 – Change Password

3.2.1 Message Overview

AOC Administrators can manage users’ passwords for all integrated AOC applications from the AOC User Manager. General password settings such as expiration rules and password complexity are set using the User Manager application at the corporation level. Individual passwords are set and managed in User Manager at the user level.

This message features both a Request (from a product to User Manager) and a Response (from User Manager back to the product).

UM002 Request
The product sends a UM002 Request message at the time the user either selects to change his password or is forced by the system to change his password. The UM002 Request is sent from the product to User Manager in the following situations:

  • The user’s password has expired
  • The password reset period limit is reached (e.g. “your password will expire in 7 days, do you want to change it now?”)
  • This is the first time that the user is logging in
  • The user selects to change his/her password

UM002 Response
After receiving the UM002 Request from a product for a password change, User Manager sends a UM002 Response message either stating that the password has been successfully updated or that an error has occurred.

Possible errors include not meeting the password complexity requirements as defined in User Manager or attempting to use a previously-used password.

3.2.2  Message System Flow

This message interacts with the systems as shown in Figure 2.

UM002 message system flow

Figure 2. UM002 message system flow

3.2.3  Message Details

The following table provides details on the message and includes links to the message’s technical specification.

Message Version

UM002 vB

Message Header Details (REQUEST/RESPONSE)

msgName: UM002
msgClass: REQUEST/RESPONSE
version: B

Message Specification

UM002 ChangePasswordRequestType
UM002 ChangePasswordResponseType

Defined in XSD

UserManagement.xsd

Sample Messages

Samples not yet available for this message version.

Message Version History Initial version

Version B
* Changed "corporteCode" from 7 char length, to 80 char length.