Appendix C: Authentication Data Storage

This chapter describes the data storage methods which can be used with the authentication feature.

Understanding Authentication Data

To authenticate visitors, the Helix Universal Proxy stores user IDs and passwords. When a client makes a request for media, Helix Universal Proxy looks up this information to see whether the client or visitor is authorized. The information can be stored in either a series of text files or in a database. Templates for common databases are installed during installation.

This section describes the methods for storing user name and password data. Templates for common databases are created during installation, that correspond to the database methods listed in "Setting up Databases".

Text file storage—this method uses a combination of directory structure and text files to achieve a sensible data storage method. It is the default method. See "Using Text Files for Authentication Data" for details.

Database templates—the supplied templates use a similar structure to the text file method, in more familiar database formats. Refer to "Using a Database for Authentication Data" for more information.

Using Text Files for Authentication Data

The default configuration uses the text file storage method to provide storage for both default realms.

The following directories contain the text files which store data. The center letter indicates the authentication protocol: r is for RN5, b is for Basic.

Supplied Data Storage Directories
Directory Name	Data Storage for the following type of information
`adm_b_db`	Helix Administrator User Authentication
`con_r_db`	Connection Authentication

The contents of the directories are given in the table below.:

Text File Storage Directory Structure
Directory	Contents	File or Directory Description
Main directory (`con_r_db` or `adm_b_db`)	`ppvbasic.txt`	The text file indicates to Helix Universal Proxy that this is the storage area for the list of authenticated names.
`users`	(initially blank)	Files in this directory list the clips and permission types.
`logs`	`access.txt`	See below for a description.
guid	(initially blank)	For player validation, files contain GUIDS to identify individual players.
`redirect`	(initially blank)	For player validation, files contain an URL to which to send the client if redirection is necessary.

When Helix Universal Proxy creates the file structure, it creates the ppvbasic.txtfile. The second and subsequent times you start the Helix Universal Proxy, the program looks for this file. If the file does not exist, it recreates the directory structure.

Warning! Do not delete the ppvbasic.txt file! If you delete the ppvbasic.txt file, Helix Universal Proxy will rewrite the directories and will erase their prior content.

Users Directory

The files in this directory are named username, where username is the user name. This directory contains one file per registered user.

The first line of each file has the following format:

password;uuid;uuid_writeable

where:


`password`	When user authentication is in use, this stores the password. Otherwise shows an asterisk (*). Note: Passwords are encrypted. To change them manually, see "Changing RealSystem 5.0 Authentication Passwords".
`uuid`	In player validation, stores playerID. In user authentication, an asterisk (*) appears in this field.
`uuid_writeable`	A flag set and used by Helix Universal Proxy: 0 playerID is in database 1 record created, but playerID is not yet registered

Note: If you manually edit the files, be sure that any blank (or unused) fields use an asterisk (*) as a placeholder. Do not use a space for a placeholder.

Logs Directory

This directory contains access.txt, which is not created until authentication is enabled and the first user connects to Helix Universal Proxy.

Access.txt

Each line of access.txt describes the result of an attempt to view a clip. Syntax of this file:

status;userid;uuid;ip;url;access_type;permission_on;start_time;end_time;total_time;
why_disconnect

where:


`status`	Result of user's attempt to connect: `0` access to clip granted `1` denied
`userid`	Unique name of up to 50 characters.
`uuid`	Stores playerID.
`ip`	IP address from which user is attempting to connect
`url`	Secured clip user is attempted to access.
`permission_type`	Event value.
`permission_on`	Always `0`.
`start_time`	Time/date clip started playing.
`end_time`	Time/date clip stopped playing.
`total_time`	Total time clip played.
`why_disconnect`	Reasons for disconnection: `0` client disconnected voluntarily `1` server access expired

Using a Database for Authentication Data

This section describes the structure of the ODBC, MS SQL and mSQL database templates included with Helix Universal Proxy.

To set up the database on Windows and UNIX, see "Setting Up Other Types of Data Storage".

The database templates include these tables:

Users table—Lists who is registered and with what access.

Access_log table—Used by this feature.

Users Table

Gives the list of user names and passwords.

Users Table
Field	Description
`userid`	User name of up to 50 characters. Ties to permissions table.
`password`	In user authentication, this stores the password. Otherwise blank. Note: Passwords are encrypted. To change them manually, see "Changing RealSystem 5.0 Authentication Passwords".
`uuid`	In player validation, stores clientID. In user authentication, an asterisk (*) appears in this field.
`uuid_writeable`	A flag set and used by Helix Universal Proxy: `0` clientID is in the database `1` the record has been created but the clientID is not yet registered with Helix Universal Proxy.

Access_log Table

Shows which restricted sites have been accessed.

Access_log Table
Field	Description
`status`	Result of user's attempt to connect: `0` access to clip granted `1` denied
`userid`	Unique name of up to 50 characters.
`uuid`	Stores player ID.
`ip`	IP address from which user is attempting to connect.
`url`	Secured clip user is attempted to access.
`permission_type`	Event value.
`permission_on`	This field is always `0`.
`start_time`	Time/date clip started playing.
`end_time`	Time/date clip stopped playing.
`total_time`	Total time clip played.
`why_disconnect`	Reason for disconnection: `0` client disconnected voluntarily `1` server access expired

Setting Up Other Types of Data Storage

To set up your Windows computer for ODBC compliance:

On the Start menu, point to Settings, and click Control Panel.

Under Administrative Tools, double-click Data Source (ODBC).

On the System DSN tab, click Add.

Select your ODBC driver from the list of drivers and click Finish.

In the ODBC SQL Server Setup dialog box, type the data source name. Click Select.

Type or browse for the path to your database file and click OK.

Click OK to exit the ODBC Data Source Administrator.

Note: You must now tell Helix Universal Proxy where to find your database. Refer to "Setting up Databases".

To set up the supplied mSQL database on UNIX:

Move to the directory where mSQL is located.

At a command line, start mSQL by typing the following:

./msql2d &

where

& starts mSQL in the backround.

Create the database by typing the following:

./msqladmin create databasename

Note: Whatever you type for databasename needs to match the database cited in Security>User Databases.

Create the tables using the sample database template by typing the following:

./bin/msql -h localhost databasename < authdemo

where:

authdemo is /Database/msql/authdemo.db, in Helix Universal Proxy's installation directory.

Note: Be sure to include the less-than sign (<).