Description

RealityServer Web Services Authorization system. The RealityServer Web Services Authorization system is the first or second step applied (after, possibly, UAC) when processing an HTTP request or when an RTMP connection is made. The system calls a built in or user supplied authorization handler which has access to the HTTP or RTMP request information. From this the module decides whether the connection should be allowed or not.

Multiple authorization modules can be registered with RealityServer Web Services and which module to use can be configured on a per URL basis. By default RealityServer Web Services is configured to allow access to every url.

After a url is authorized state processing occurs for HTTP connections.

Authorization modules are implemented in RealityServer Web Services plugins using the mi::rswservices::IAuthorizer interface. These are registered with RealityServer Web Services via mi::rswservices::IExtension_context.

RealityServer Web Services supplies two built in authorizers:

• "Allow" permits access from all clients.

• "Forbidden" denies access from all clients.