CMI 5 Working Group Meeting Minutes – August 29th, 2014 - AICC/CMI-5_Spec_Current GitHub Wiki

CMI 5 Working Group Meeting Minutes – August 29th, 2014

Attendees

• William A. McDonald – Boeing Flight Services
• Brandt Dargue – Boeing Research & Technology
• Ray Lowery – Pratt & Whitney
• Art Werkenthin – RISC Technology
• Ben Clark – Rustici Software
• Andy Johnson – ADL
• Tyler Mulligan - ADL
• Chris Handorf – Pearson
• Henry Ryng – INXSOL

Notes

The group continued to discuss the "Fetch URL" and Basic Authentication.

1. URL launch content with (Fetch URL name/value pair)

**2. Content calls the Fetch URL **

a. HTTP POST (so it not cached) b. One time use - if called c. if HTTP call fails - Normal HTTP error handling

3. Fetch URL returns the following

a. Return value in a JSON structure

     {
        "auth-token":"QWxhZGRpbjpvcGVuIHNlc2FtZQ=="
     }

b. content-type: application/json

c. Authentication token is Base 64 encoded "username:password"

d. (Informative) Please do not use a real userid/password. Use Generated "one-session" use user/passw for LRS communcation

e. on "successful 2nd use" HTTP message provide JSON error-handling structure

     {
        "error-code":"123"
        "error-text":"Token already in use.  Don't double-click !"  
     }

LMS will determine the text.(and lang, etc)

4. Content makes calls to LRS

a. URL to API

b. Message - HTTP Header - with basic Authentication token

Basic: {Token}  e.g.  username:{base64} 

	Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==

                             myuser:mypassword

Per HTTP RFC 1945 - 11.1 Basic Authentication Scheme

See http://tools.ietf.org/html/rfc1945#section-11

All Previous CMI-5 Meeting Minutes (Prior to June 6th): http://aicccmi5.wikispaces.com/AICC+CMI5+Specification

All Previous CMI-5 Meeting Minutes (After June 6th): https://github.com/AICC/CMI-5_Spec_Current/wiki

CMI-5 on GitHub: https://github.com/AICC