|
|
This sample authenticator, written in C++, provides a working example of how to write a NetShow Theater Server authentication plug-in component. The source code can be found under \NetShowTheaterRoot\SDK\Samples\Authentication\DBAuthen directory. Here, \NetShowTheaterRoot is the root directory where NetShow Theater Server is installed. Typically, this corresponds to \Program Files\Microsoft NetShow\Theater\.
You can build the component either in Microsoft® Visual Studio® 97 (open the NSDBAuthenPlugin.dsw workspace file, and then click Build from the Tools menu) or from an MS-DOS shell by issuing the NMAKE -f NSDBAuthenPlugin.mak command. You also need to run the NBAuthen.REG script from a MS-DOS window. The script file can be found in the \NetShowTheaterRoot\SDK\Samples\Commerce\Dlls directory. This script adds the \HKEY_LOCAL_MACHINE\Software\Microsoft\NetShow\Servers\Default\Authentication\HTTP BASIC-Database key to the system registry. NetShow Theater Server uses this key to determine if this sample authentication plug-in component is to be used for client authentication. The registry entries contain information about the data source as well as the user name/password that must be used to access the data source. The database schema is specified in \NetShowTheaterRoot\SDK\Samples\Commerce\Store\Config\SQL\SQLSvr\schema.sql.
This sample component implements the HTTP-BASIC authentication mechanism. The main components consist of the following three classes:
These three classes are contained in NSDBAuthen.cpp, authctx.cpp, and dataAccess.cpp files, respectively. The NSDBAuthen class implements the INNSAuthenticator interface and the CAuthenticationContext implements the INSSUserAuthentication interface. For specifications of these two interfaces, see the Authentication API overview in the NetShow Theater Server Administration SDK. Together, they handle communications between a server and the component. They rely on the CDataAccess object to implement the authentication policy based on the information available in a registered custom database.
When the server attempts to initialize the authenticator object, an instance of the NSDBAuthen class, the object queries the \HKEY_LOCAL_MACHINE\Software\Microsoft\NetShow\Servers\Default\Authentication\HTTP BASIC-Database key in the system registry. Listed under this key are the "DataSource", "DataUserName", "DataUserPassword", "DataTableName", "DataUserField", and "DataPasswordField" values. In addition, if the "LogFile" value is added, NetShow Theater Server creates a log file. If all the values are retrieved without error, the NSDBAuthen object proceeds to create and initialize an instance of a CDataAccess object. When the server creates a user authentication context, it asks the NSDBAuthen object to manipulate the CreateUserAuthentication method, which in turn creates and initializes an instance of a CauthenticationContext object, supplying the CDataAccess object for the user credential. The implementation of the other two methods, GetAuthenticatorClass and GetAuthenticationType, of NSDBAuthen is straightforward.
The user authentication object, an instance of the CAuthenticationContex class, fulfills the requirements of the INNSUserAuthentication interface. In addition to providing services for object management and returning user and class identifiers and the authentication result, it delegates the task of authentication to the data access object.
The data access object, an instance of the CDataAccess class, is responsible for managing the connection to an ODBC data source and executing database queries. It implements two methods: Init and AuthenticateUser. The Init method creates an instance of data connection (m_piConnction) object as well as a record set (m_piRecordSet) object. The connection object performs business-specific authentication policy. In this case, it gets user name, password from the user. The AuthenticateUser method takes the user data and queries the user information against entries in the record set object. If the user entry matches any in the database, authentication is successful. Otherwise, no content is streamed.
[Previous][Next]