| 121 | A short description of the steps in the above sequence diagram: |
| 122 | |
| 123 | 1. Clients sends a request to GeoNetwork, which is intercepted by !GeoNetworkSecurityFilter |
| 124 | 2. !GeoNetworkSecurityFilter retrieves !SecurityTokenMap from application scope |
| 125 | 3. !GeoNetworkSecurityFilter retrieves the current session id |
| 126 | 4. !GeoNetworkSecurityFilter checks whether current session id has an associated !SecurityToken in !SecurityTokenMap |
| 127 | 5. If not, !GeoNetworkSecurityFilter forwards the request to GAAP's !AuthenticationService; GAAP responds with a !SecurityToken |
| 128 | 6. !GeoNetworkSecurityFilter adds the !SecurityToken to !SecurityTokenMap |
| 129 | 7. !GeoNetworkSecurityFilter calls the method "authenticate()" in Jeeves !UserSession. For non-anonymous users this means, login to GeoNetwork |
| 130 | 8. !GeoNetworkSecurityFilter sets !UserSession in session scope |
| 131 | 9. The request continues normally to its GeoNetwork service destination |
| 132 | 10. The service response is returned to the client |
| 133 | |
| 134 | |