Indy 9
|
TIdUserManager = class(TIdBaseComponent)
TIdUserManager provides properties that indicate characteristics of the user accounts for the server implementation, including:
TIdUserManager also provides methods and event handlers that allow authentication of a user account using the identity and credentials provided by a client connection.
property Accounts: TIdUserAccounts;
Accounts is used in AuthenicateUser to locate the collection item used for the authorization process. Accounts is also accessed when reading or writing the values in CaseSensitivePasswords and GetCaseSensitiveUsernames.
property CaseSensitivePasswords: Boolean;
CaseSensitivePasswords uses a read and a write specifier to provide access the TIdUserAccounts.CaseSensitivePasswords property.
Use CaseSensitiveUsernames to indicate if case is significant when accessing user accounts by the identity for the user account.
property CaseSensitiveUsernames: Boolean;
When CaseSensitiveUsernames is True, the read access specifier for the UserNames property will consider case to be significant in comparing the user name values. When CaseSensitiveUsernames is False, AnsiSameText is used to perform the name comparison.
CaseSensitiveUsernames uses a read and a write specifier to provide access the TIdUserAccounts.CaseSensitiveUsernames property.
Use CaseSensitivePasswords to indicate if case is significant when verifying user account credentials maintained by the user manager.
function AuthenticateUser(const AUsername: String; const APassword: String): Boolean;
AuthenticateUser calls TIdUSerAccount.CheckPassword for the value specified in APassword to complete the authorization process. After aythentication, the OnAfterAuthentication event handler is signalled to allow verification against an external source or logging for account access attempts.
constructor Create(AOwner: TComponent); override;
destructor Destroy; override;
property OnAfterAuthentication: TOnAfterAuthentication;
Applications must assign a procedure to the event handler to allow responding to the event notification. The OnAfterAuthentication event handler can be use to perform authentication where the account identity or credentials are stored outside the server implementation, or where additional logging is required after an attempt to access the server.
The OnAfterAuthentication event handler can change the value in AAuthenticationResult to indicate if the authentication attempt was successful.
OnAfterAuthentication is used in the AuthenticateUser method after the user account identified in AUsername has verified the password in APassword for the user account. AAuthenticationResult contains the result for the account authorization prior to signalling the TOnAfterAuthentication event.