wiki:Authentication

Authentication

If the server is configured to use the database authentication module, the client must authenticate itself before being allowed to do measurements. When the flash client starts, the web-system generates a cookie which is given to the flash client and is saved in a database, together with the clients IP address, in a session table. This cookie value is sent to the measurement server in a authentication request. The measurement server fetches all active sessions from the database and checks if the cookie and IP address matches that of the request.

Disabling authentication

For testing, you may prefer to disable authentication altogether. You can do this by setting:

BypassAuth 1

In the measureserver.conf

Using the DBMysql module

The dbmysql module is used to verify that the users come from our web system, by verifying the cookie generated there. First, grant access to read the exp_session table to an external database user:

grant select on <database>.exp_sessions to '<username>'@'<hostname>' identified by '<password>';
example:
grant select on electronics.exp_sessions to 'remote_user'@'10.1.2.10' identified by 'secretpassword';

Then set up the database connection in the measureserver.conf, matching the configuration above:

DB.Host		<db host>
DB.Port		<db port, normally 3306>
DB.User		<db user>
DB.Password	<db pass>
DB.Database	<db database>

You also need to load the module and make sure that authentication is enabled.

LoadModules eqcom,dbmysql
DisableAuth 0

The LoadModules depends on your setup, in the example we load both the equipment server communication module and the dbmysql authentication module.

Last modified 7 years ago Last modified on Feb 15, 2011, 3:19:40 PM