User access control
Diffusion™ provides facilities for controlling client access to a Diffusion server.
You can implement authentication handlers to authenticate a client when it connects to the server based on any criteria you choose (for example, an Lightweight Directory Access Protocol (LDAP) look-up). For more information, see User-written authentication handlers.
You can implement authorization handlers to manage authorization and permissions for actions that a client tries to take. For more information, see DEPRECATED: Authorization handlers
Previous versions of Diffusion used the authorization handlers to authenticate a client or user on connection to the server. This use of authorization handlers is now deprecated. For backwards compatibility, authorization handlers are still called for authentication operations. For more information, see Authentication.
However, we recommend you implement your authentication logic using authentication handlers.
In addition, you can constrain client access by using client validation policies. For more information, see .