|
|
Authorization can also be performed using data dynamically generated at run time. The client can pass additional information otherwise unavailable at run time to the authorizer by appending a string containing the data to the Uniform Resource Locator (URL) of the source stream. The server ignores all of the characters after the first question mark (“?”) from the beginning when it resolves the URL and determines which file to stream to the client. However, the string is stored intact in the NSS_PRESENT_REQUEST_NAME property of a presentation context. The authorizer is responsible for parsing this string.
For example, a user wants to watch a title called TrainingABC.mpg on the local server. In a typical situation where an authorizer relies on a database for checking client credentials, the user opens the title by supplying the URL of the source file:
nsm://localhost/TrainingABC.mpg
On the other hand, the authorizer can choose not to use any database, but depend on the user to provide necessary information, such as the name and employee identification, at run time. The user can do so by appending the information to the URL of the source stream, as illustrated in the following address:
"nsm://localhost/TrainingABC.mpg?USER=Joe;ID=2316"
If the title consists of, for example, three lessons—A, B, and C—you can write an authorizer to let the user selectively view a lesson of his or her choice:
"nsm://locahost/TrainingABC.mpg?LESSON=B"