RealityServer Web Services API Programmer's Manual

mi::rswservices::IAuthorizer Class Reference

[Request Authorization]

Description

Implements HTTP connection authorization.

mi::base::Interface_declare\< ... \>

Public Member Functions

virtual bool  authorize( IAuthorization_context* context) =0
Authorizes an HTTP connection. More...
virtual bool  authorize( IRtmp_authorization_context* context) =0
Authorizes an RTMP connection. More...
virtual const char* get_name() const =0
The name of the authorizer. More...

Member Functions

virtual bool mi::​rswservices::​IAuthorizer::authorize( IAuthorization_context* context) [pure virtual]

Authorizes an HTTP connection. The method has access to all HTTP request information supplied and should use it to decide whether the connection should be allowed or not. If the connection is to be refused the method should return false otherwise it should return true. On refusal the handler should set an appropriate HTTP result code and message using context->get_response()->set_result_code(). If no code is provided then a standard 403 Forbidden will be used. RealityServer will then proceed with protocol identification and if that succeeds will encode the result code and message as a protocol error. The exception to this is if the handler has called context->set_failure_body(). If this case it is assumed that a custom HTTP failure response has been supplied (EG: a WWW-Authenticate challenge) and the body is returned as a normal HTTP response. The same occurs if no protocol is identified.

Note that this means if authentication failure is meant to result in a redirect (by setting result code to 302/307 and adding a "Location" response header) then you must call context->set_failure_body(NULL,0) to ensure that the response is returned as an HTTP response and not protocol encoded.

In all cases (acceptance or refusal) any response headers set are passed through in the HTTP response.

Parameters

context
The authorization context.

Returns

true if connection is allowed, false if refused.

virtual bool mi::​rswservices::​IAuthorizer::authorize( IRtmp_authorization_context* context) [pure virtual]

Authorizes an RTMP connection. The method has access to all RTMP connect information supplied and should use it to decide whether the connection should be allowed or not. If the connection is to be refused the method should return false otherwise it should return true. Unlike HTTP authorization if a connection is refused no extra information can be returned to the client.

Parameters

context
The authorization context.

Returns

true if connection is allowed, false if refused.

virtual const char* mi::​rswservices::​IAuthorizer::get_name() const [pure virtual]

The name of the authorizer.

Returns

name