authenticationhandlers.txt

将本目录下的所有文件与目录传上您的服务器IIS虚拟目录下.并配置好ASP.NET的运行环境.更改好数据库连接地址即可.

Authentication via connector::

In my PHP connector the one from the FBXP project, it is 
possible to require authentication before a user can use
the connector. 

The works in the following manor:-

A1/ File Browser Requests Command From Connector
A2/ Connector.php recieves the request
	B1/ File config.php imported
	B2/ If authentication required load the authentication
		handler file specified in the config, i.e.
		$config['auth']['HandlerClass']='Default';
		the Auth/Default.php will be imported
	B3/ Create new instance of Auth class (defined in the
		authentication handler imported.
		C1/ Auth class, authenticate method called, passing
			the data recieved in the ExtraParams variable
			of the query string.
		C2/ authenticate method returns a modified copy of the 
			$config, to indicate successfull authentication
			$config['authSuccess'] should be set to true, if
			the authentication failed this should be set to false.
		
	B4a/ on success command is executed and output sent to client
	B4b/ on failure blank xml response returned.

A3/ End


How to create my own authentication handler::

Create a file in the Auth folder with the name of the handler (your choice)
i.e. If i wanted to call it MySQL the file i would create would be
MySQL.php in the Auth folder.

Skeleton for the new authentication class::
<?php
class Auth {
	function authenticate($data,$config) {
	
	}
}
?>

as you can see the class must have a method called authenticate which
takes two parameters, the value from the ExtraParams ($data) and a 
reference to the connector configuration $config (so you can change
things depending on the user if you wish) , you can now put what
ever code you like in that method to determine if the user is allowed 
or not. (you may add extra function to the class for internal use too,
these will not be called by the connector, but call them from inside
the authenticate method). The function returns a modified copy of the
$config, with any changes you like + the addition of a top level 
array element key: authSuccess   value: true if authentication
successful, else false.

If you want to limit what the user can do then you may want to change 
the array at: $config['Commands']
This holds an array of command that can be executed, if you remove say
DeleteFolder from the array then the user will not be able to delete 
a folder.


By Example:: There is a default authentication handler that i wrote to
distribute with the connector, so you may want to take a look at it
to get a better idea of whats going on.