PwAuth Filter

The purpose of this document is to provide an overview of the PwAuth Filter. PwAuth is a message filter which watches for Session.UP and attempts to
authenticate the user by sending a message to the server with the name and password in it. If the server responds, the session is notified with the
user name. If the server responds negatively, the session is notified of the failure (using a PwAuthFail event). A transport control may also be sent to
force a login or logout or to set the name or password. The name and password are initialized from the uri, or prompted for if not specified.

PwAuth Parameters

PwAuth.user - Specify the user name on the uri
PwAuth.password - Specify the password on the uri

How to enable PwAuth Filter

In Listener, change the uri to enable PWAuth Filter

String uri = "tcp://"

In client, change the uri to

String uri = "tcp://fred:1234@localhost:4008?filter=PwAuth";

where fred is the username
and 1234 is the password

How it works

When the session is UP, the client send a PwAuth request to the server. If username/password has not been set on the uri, the PWAuth
will send a session query to the client, asking for username/password.

On the server side, PWAuth filter intercepts the request, gets the username/password from the request, package them in a UserPassword Object and sends a
session query to the server. In the Server Impl, the logic to authenticate the user can be placed. The return object is OkStatus

public Object _sessionQuery( Object query ) throws Exception
		if (query instanceof UserPassword)
			OkStatus status = null;
			UserPassword up = (UserPassword) query;
			if (up.user.equals( "fred" ) && up.password.equals( "1234" ))
				status = new OkStatus( true, "" );
				System.out.println( " Authentication Passed" );
				status = new OkStatus( false, "Authentication failed" );
				System.out.println( " Authentication Failed" );
			return status;

		throw new UnsupportedOperationException( "unknown query: " + query );