sessiongenerate

sessiongenerate — Generate a session cookie.

Mode Description

In order to interact with some web based parts of the site, such as the comment exporter, it is often useful to be able to generate a login cookie without having to actually post login information to the login.bml page. This mode will, with proper authentication, provide you with a session cookie to use for authentication purposes.

Arguments

  1. [struct](required)

    Containing keys:

    • username(required):

      • [scalar](required) Username of user logging in.

    • auth_method(optional):

      • [scalar](required) Authentication method used for this request. The default value is "clear", for plain-text authentication. "cookie" and any of the challenge-response methods are also acceptable.

    • password(optional):

      • [scalar](required) Deprecated. Password of user logging in in plaintext. If using the "clear" authentication method, either this or "hpassword" must be present.

    • hpassword(optional):

      • [scalar](required) Deprecated. MD5 digest of user's password. Not much more secure than password, but at least it's not in plain text.

    • auth_challenge(optional):

      • [scalar](required) If using challenge-response authentication, this should be the challenge that was issued to you by the server.

    • auth_response(optional):

      • [scalar](required) If using challenge-response authentication, this should be the response hash that you generate, based on the formula required for your challenge.

    • ver(optional):

      • [scalar](required) Protocol version supported by the client; assumed to be 0 if not specified. See Chapter 27, Protocol Versions for details on the protocol version.

    • expiration(optional):

      • [scalar](required) Sessions can either expire in a short amount of time or last for a long period of time. You can specify either "short" or "long" as the value of this parameter. Short is 24 hours, long is 30 days.

    • ipfixed(optional):

      • [scalar](required) If specified and true, this will cause the server to generate a session that is only valid from the IP address the sessiongenerate request was sent from. If you leave out this value, it will default to allowing any IP address to use this session information.

Example 33. Sample call to LJ.XMLRPC.sessiongenerate

POST /interface/xmlrpc HTTP/1.0
User-Agent: XMLRPC Client 1.0
Host: www.livejournal.com
Content-Type: text/xml
Content-Length: 542

<?xml version="1.0"?>
<methodCall>
<methodName>LJ.XMLRPC.sessiongenerate</methodName>
<params>
<param>

<value><struct>
<member><name>username</name>
<value><string>test</string></value>
</member>
<member><name>password</name>

<value><string>test</string></value>
</member>
<member><name>ver</name>
<value><int>1</int></value>

</member>
<member><name>expiration</name>
<value><string>long</string></value>
</member>

<member><name>ipfixed</name>
<value><string>1</string></value>
</member>

</struct></value>
</param>
</params>
</methodCall>


Return Values

  1. [struct](required)

    Containing keys:

    • ljsession(required):

      • [scalar](required) The session generated.

Example 34. Sample return value for LJ.XMLRPC.sessiongenerate

HTTP/1.1 200 OK
Connection: close
Content-length: 228
Content-Type: text/xml
Date: Fri, 26 Mar 2004 18:14:17 GMT
Server: Apache/1.3.4 (Unix)

<?xml version="1.0" encoding="UTF-8"?>
<methodResponse>
<params>
<param>
<value><struct>

<member><name>ljsession</name>
<value><string>ws:test:124:zfFG136kSz</string>
</value></member>

</struct></value>
</param>
</params>
</methodResponse>