2.3 Open and Close the Server

Thru server can be opened in 4 different ways by Open, OpenImmutable, OpenImmutableImpersonate or OpenWithTicket web service calls used by Thru SSO Ticket server or SSO-based applications.

Each call returns FTHSessionData data structure which contains Session ID and User ID of the user who logged in.

2.3.1 Data Structures

2.3.1.1 FTHSessionData
User Session data

Data Type

Field Name

Description

Guid

SessionID

ID of a new session that is created in response to the call.
Should be supplied as parameter to all subsequent web service calls.

int

UserID

ID of Thru user account under which the connection is signed in.

2.3.2 Methods

2.3.2.1 Open

Open call opens the server using username and password and creates a session for given ApplicationID.
The session is alive until the next sign-in is done using Open or OpenWithTicket for the same user and the same ApplicationID, then new session replaces the previous.
Different applications are allowed to sign in concurrently under the same user.

FTHSessionData
Open(string userName, string password, int applicationID, string clientVersion)

Name

Description

username

Username for sign-in

password

Password for sign-in

applicationID

ApplicationID parameter should be picked by client developers and communicated to Thru to be reserved for specific client.
New ApplicationID value has to be added to the Thru Database table TBL_APPLICATION by Thru server administrator.
ApplicationID >=1000, values below 1000 are reserved for applications developed by Thru.

clientVersion

String that identifies connecting client software, will be recorded in Audit

2.3.2.2 OpenWithTicket

Accepts the ticket that contains user identity encrypted by Thru library on the client side. Encrypting party and Thru server should use the same password since encryption is symmetrical.
In order for OpenWithTicket call to succeed, Thru SSO product should be deployed on a customer’s LAN and a user whose identity is contained in the ticket had to be previously created by Thru SSO Sync server.
Thru SSO sync server synchronizes the contents of specified user group in corporate Active Directory with the user list in Thru server.

FTHSessionData
OpenWithTicket(string ticket, int applicationID)

Parameter Name

Description

ticket

String with the user identity encrypted by Thru libraries in SSO or other products.
Encrypting party and Thru server should use the same password for symmetric encryption/decryption.

applicationID

ApplicationID parameter should be picked by client developers and communicated to Thru to be reserved for specific client.
New ApplicationID value has to be added to the Thru Database table TBL_APPLICATION by Thru server administrator.
ApplicationID >=1000, values below 1000 are reserved for applications developed by Thru.

clientVersion

String that identifies connecting client software, will be recorded in Audit

2.3.2.3 OpenWithTicketEx

Accepts the ticket that contains user identity encrypted by a library on the client side.
Encrypting party and Thru server should use the same AES 256 bit symmetric encryption and same password Ticket is used for validation of the decrypting password and expiration purpose only,
the username string in the ticket is ignored. User is identified by EmailAddress string and session is created under the user with this email address.
If a user with the EmailAddress does not exit, user is created with FirstName, LastName and EmailAddress.

Ticket contains the following fields in encrypted form:

Encrypted ticket will contain the following information in the encrypted form – example:

<token timestamp="mm/dd/yyyy hh:mm:ss">
<sitename>yoursite.thruinc.net</sitename>
<username> DomainName\UserName</username>
</token>

FTHSessionData
OpenWithTicketEx (string ticket, string EmailAddress, string FirstName, string LastName, int applicationID, string ClientVersion)

Parameter Name

Description

ticket

String with the user identity encrypted by Thru libraries in SSO or other products.
Encrypting party and Thru server should use the same password for symmetric encryption/decryption.

EmailAddress

Email address of the user account which will be used to login.
If user with this email does not exist, new account will be created with this email address

FirstName

First name of the connecting user. Will be used if new user is created

LastName

Last name of connecting user. Will be used if new user is created

applicationID

ApplicationID parameter is API key which is issued to client developers by Thru.
New ApplicationID value should be added to Thru site database by Thru operations team.

clientVersion

String that identifies connecting client software, will be recorded in Audit

2.3.2.4 OpenImmutable

Similar to Open call but the new session created in immutable mode, it will not be deleted when the next call is made which opens the server under  the same user and AplicationID. Used when session concurrency is required for one user account. Immutable sessions are cleaned automatically every 48 hours from the time they are created.

For SFTP and FTPS Application IDs the same immutable sessionID is returned which is already in use for given user. For other Application IDs multiple different immutable sessionIDs are crested on subsequent calls.

FTHSessionData
OpenImmutable(string userName, string password, int applicationID)

Parameter Name

Description

username

Username for sign-in

password

Password for sign-in

applicationID

ApplicationID parameter should be picked by client developers and communicated to Thru to be reserved for specific client.
New ApplicationID value has to be added to the Thru Database table TBL_APPLICATION by Thru server administrator.
ApplicationID >=1000, values below 1000 are reserved for applications developed by Thru.

clientVersion

String that identifies connecting client software, will be recorded in Audit

2.3.2.5 OpenImmutableImpersonate

Used when it is required to sign as a different user to perform and log the operation under the userID, which requires creation of a new user session token SessionID.
New session is created as immutable, session concurrency will be allowed.
Immutable sessions are cleaned automatically every 48 hours from the time they were created, or can be closed by explicit Close web service call.

FTHSessionData
OpenImmutableImpersonate(Guid serviceSessionId, int userID, int applicationID, string ipAddress)

Parameter Name

Description

serviceSessionId

Active session for a user who has privileges to impersonate to other session for sign-in.

userID

ID of a user who will be impersonated by a service user

applicationID

ApplicationID parameter should be picked by client developers and communicated to Thru to be reserved for specific client.
New ApplicationID value has to be added to the Thru Database table TBL_APPLICATION by Thru server administrator.
ApplicationID >=1000, values below 1000 are reserved for applications developed by Thru.

ipAddress

String that identifies IP address of the client workstation or firewall of a user who will be impersonated by a service user.

2.3.2.6 OpenImmutableUserString

Similar to Open call but the new session created in immutable mode, it will not be deleted when the next call is made which opens the server under  the same user and AplicationID. Used when session concurrency is required for one user account. Immutable sessions are cleaned automatically every 48 hours from the time they are created.

For SFTP and FTPS Application IDs the same immutable sessionID is returned which is already in use for given user. For other Application IDs multiple different immutable sessionIDs are crested on subsequent calls.

If userString argument is passed, the value is recorded in Thru Audit on each file upload, download file delete operation.
If userString argument is passed, the value is recorded in Thru Audit on each file upload, download file delete operation.

FTHSessionData
OpenImmutableUserString(Guid serviceSessionId, int userID, int applicationID, string ipAddress, string userString)

Parameter Name

Description

username

Username for sign-in

password

Password for sign-in

applicationID

ApplicationID parameter should be picked by client developers and communicated to Thru to be reserved for specific client. New ApplicationID value has to be added to the Thru Database table TBL_APPLICATION by Thru server administrator.
ApplicationID >=1000, values below 1000 are reserved for applications developed by Thru.

clientVersion

String that identifies connecting client software, will be recorded in Audit

userString

String to pass information about external user. If supplied, the value is recorded in Thru Audit on each file upload, download file delete operation in external user field. Max length 255 characters.

2.3.2.7 Close

Close web call deletes existing user session.

Void
Close(Guid sessionID)

Parameter Name

Description

sessionID

Active user session to be deleted