The
CAuthenticator
class is the abstract base class of all authenticators.
It provides an interface that all authenticators must meet.
In typical operation, an application will select a concrete authenticator,
and pair it with a concrete interactor. The application will then
authenticate requestors using this pair of objects.
Here's some sample boilerplate code:
Example 33-3. Boilerplate DAQ Authorization code
#include <Authenticator.h> #include <Interactor> ... CAutenticator* pAuthenticator = selectAuthenticator(); CInteractor* pInteractor = selectInteractor(); if (pAuthenticator->Authenticate(*pInteractor)) { // Authorized to use the service. ... } else { // Not authorized to use the service. ... } // Assuming the interactor an authenticator are dynamically allocated // by the selection functions. delete pAuthenticator; delete pInteractor;
In the example above, the functions not shown,
selectAuthenticator
and
selectInteractor
determine the actual authentication method and authorization policy.
The implementation of these functions will vary from application to
application.
The complete definitinon of
CAuthenticator
is provided in
its reference pages.
The library provides the following concrete authentication classes:
CPasswordCheck
The entity must provide a correct password. Note that the current set of interactors do not support encrypted interactors. This can be extended if required.
CUnixUserCheck
The entity must provide a valid username and password that is could login to the local unix system.
CTclAccesListCheck
Intended for use within a Tcl interpreter. The entity must supply some string that is an element of a Tcl list held in a Tcl variable.
CAccessListCheck
The entity must supply a string that is one of a set of strings given to the authenticator.
CHostListCheck
Same as CAccessListCheck
but the
access list is a set of IP addresses. The entity's
credentials are translated to an IP address and looked up
in the set of allowed items.