|
|
Each time a client makes a request to open a title, the server notifies Windows Media Player that user authentication is required. Regardless of which authentication type is being used, authentication involves the exchange of data between the client, the server, and the authenticator. The server requests data from the client, such as a user name and password, and passes that to the authenticator for inspection. The authenticator notifies the server through a callback method that the authentication either is finished, or that a further exchange of data is necessary to complete the authentication process.
The exchange of data continues until either the authenticator notifies the server through the callback that authentication is finished, or an error occurs. Theoretically, the data exchange can continue forever; however, most authentication schemes involve only one through three exchanges.
Windows Media Player prompts the user for user name and password credentials, and dispatches the credentials to the server. The server then passes them to the authenticator for inspection and validation. The authenticator, using its own private user account database, validates the data and notifies the server of the result. The server then grants or denies the client access to the content based on the result.
The following chart depicts the interaction between the client, the server, and the authenticator using the HTTP-BASIC authentication protocol.
