User Manager
System and Message Overviews
Document Version: 5.2
Date: March 19, 2014
Document Revision History
The following revision history table reflects all substantive changes to this document.
| Date | Description of Updates Made |
04-August-08 |
No changes since previous release. |
| 01-October-09 | Updates to UM001. |
| 31-March-10 | Updates to UM001. |
| 31-July-10 | Updated UM001 from DRAFT to version 1. |
| 30-August-10 | Updated links for new Bookshelf directory structure. |
| 23-July-13 | New XSD. |
| 19-March-14 | New XSD. Upgraded UM001 to v2, and UM002 to vB to change "corporteCode" from 7 char length, to 80 char length. |
Table Of Contents
1 Introduction
This document defines the interfaces which govern the interchange of data between a User Manager system and other systems within an Airline Operation Center (AOC). Each AOC interface is represented by a message described in an associated XSD (XML Schema Definition). The XSD defines and enforces the required, optional, and conditional data that can be included in a message.
User Manager system is an AOC shared service for managing users as well as application roles and permissions.
1.1 Audience
The intended audience for this document includes existing and potential Jeppesen customers, integration partners, and personnel with roles associated with application architecture, application development, system testing, implementation, and application support within User Manager.
1.2 Scope
This document discusses the User Manager messages currently supported by the Jeppesen Solution Integrator. Each message description includes the following:
- Overview for common message uses within an AOC
- Message Version Summary listing all available versions of each message
- Links to the message specifications including direct links to XSD documentation, where you can explore the XSD hierarchy and interface specifications in a navigable HTML format
- Links to the XSD source code
- Links to sample XML messages for each AOC message
Other data interfaces or formats not included in this document will be considered custom and not supported.
1.3 XML Schema/XSD
The XML schema for this ICD is published in the following file: UserManagement.xsd
2 Message Summary
Table 2-1 lists the messages that can be sent or handled by the application. The messages originated by this application (messages that begin with “UM”) are further discussed in Section 3 AOC Interface Messages.
Table 2-1 Message Summary
3 AOC Interface Messages
The following messages are processed by the User Manager system.
NOTE: When a user is created using the User Manager, the user's password is stored in the database using MD5 encryption. The value of the password element of LoginType elements in UM messages (UM001, UM002) must already be MD5 encrypted by the client product. Authentication is based on an exact match between the two strings. To ensure client products can reproduce the encrypted password string created by the User Manager application, client products should follow these guidelines:
- Use a MD5 hashing library that adheres to Request for Comments: 1321, MIT Laboratory for Computer Science and RSA Data Security, Inc., April 1992
- Only the user's password should be used to compute the hash
- The range of byte values of characters in the password (prior to encryption) should be 0x20 to 0x7E (ISO 8859-1 alphanumeric characters)
- The encrypted string should be a 24-character Base64-encoding of a 16-byte MD5 digest
Example: the password abcd1234 should be represented by the encrypted string: 4Z1c1a8DeNoF9j+JHHRnrw==
3.1 UM001 – User Login
3.1.1 Message Overview
AOC User Manager provides a single interface through which AOC administrators can create users and manage their access to all integrated applications within an Airline Operation Center. With this behind-the-scenes application, user accounts are created and configured to allow role-based access to any product in their AOC. The end-users of various products within an AOC log onto a product through the product’s standard logon screen, the product sends a message to AOC User Manager to authenticate the user, and then AOC User Manager returns the end-user’s specific permissions and settings for that product.
This message features both a Request (from a product to User Manager) and a Response (from User Manager back to the product).
UM001 Request:
Products send the UM001 Request message to User Manager upon the user’s initial logon. The message contains all of the information required to authenticate that user including the user’s username and password. For example, John Smith logs onto OPSControl, and OPSControl sends a UM001 Request message to User Manager containing his authentication information.
UM001 Response:
After receiving the Request message from a product, AOC User Manager sends the UM001 Response which validates that the user has permission to access the product, and includes the user’s roles and configurable elements as defined in the AOC User Manager application. For example, after OPSControl sends the UM001 Request, User Manager constructs a Response message that states John Smith is a valid user, attaches the pre-defined role of Dispatcher, and includes the list of other elements configured specifically for the user (John Smith), role (Dispatcher), airline (Jepp Airs) and corporation (Jeppesen). If the user has entered incorrect logon information or does not have permission to access the product, then the UM001 Response will contain the appropriate error.
3.1.2 Message System Flow
This message interacts with the systems as shown in Figure 1.
Figure 1. UM001 message system flow
3.1.3 Message Details
The following table provides details on the message version and includes links to the message’s technical specification.
Message Version |
UM001 v2 |
Message Header Details (REQUEST/RESPONSE) |
msgName: UM001 |
Message Specification |
|
Defined in XSD |
|
Sample Messages |
Samples not yet available for this message version. |
| Message Version History |
Version 1
* No changes. Version 2 * Changed "corporteCode" from 7 char length, to 80 char length. |
3.2 UM002 – Change Password
3.2.1 Message Overview
AOC Administrators can manage users’ passwords for all integrated AOC applications from the AOC User Manager. General password settings such as expiration rules and password complexity are set using the User Manager application at the corporation level. Individual passwords are set and managed in User Manager at the user level.
This message features both a Request (from a product to User Manager) and a Response (from User Manager back to the product).
UM002 Request
The product sends a UM002 Request message at the time the user either selects to change his password or is forced by the system to change his password. The UM002 Request is sent from the product to User Manager in the following situations:
- The user’s password has expired
- The password reset period limit is reached (e.g. “your password will expire in 7 days, do you want to change it now?”)
- This is the first time that the user is logging in
- The user selects to change his/her password
UM002 Response
After receiving the UM002 Request from a product for a password change, User Manager sends a UM002 Response message either stating that the password has been successfully updated or that an error has occurred.
Possible errors include not meeting the password complexity requirements as defined in User Manager or attempting to use a previously-used password.
3.2.2 Message System Flow
This message interacts with the systems as shown in Figure 2.
Figure 2. UM002 message system flow
3.2.3 Message Details
The following table provides details on the message and includes links to the message’s technical specification.
Message Version |
UM002 vB |
Message Header Details (REQUEST/RESPONSE) |
msgName: UM002 |
Message Specification |
UM002 ChangePasswordRequestType |
Defined in XSD |
|
Sample Messages |
Samples not yet available for this message version. |
| Message Version History | Initial version
Version B * Changed "corporteCode" from 7 char length, to 80 char length. |