"Memory users" is the RIFE terminology for users that are kept in an XML file (which are kept in-memory after initialization, hence the name). This is the simplest way of organizing users, and is suitable for keeping track of a static group of users such as an administrator or perhaps a guest user.
With this method, you simply list the users and passwords in a file, specified as a ParticipantMemoryUsers in the repository. Let's start by adding the participant:
Example 8.1. A memory users configuration file
<?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE rep SYSTEM "/dtd/rep.dtd"> <rep> <!-- Add users participant --> <participant param="rep/users.xml">ParticipantMemoryUsers</participant> <participant param="rep/config.xml">ParticipantConfig</participant> <participant param="rep/datasources.xml">ParticipantDatasources</participant> <participant param="sites/friends.xml">ParticipantSite</participant> </rep>
The file rep/users.xml is where the user list is defined. We only need one user, an administrator who can edit the friends list.
Example 8.2. Memory users configuration file
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE credentials SYSTEM "/dtd/users.dtd">
<credentials>
<user login="admin">
<password>password</password>
<role>admin</role>
</user>
</credentials>In addition to user name and password, there is a role tag, here set to admin. The role is used to grant access to different parts of the site to different users. We'll show how roles are used later in this chapter.
There are a few steps involved in setting up authentication, and the best way to explain it should be to go through the additions and changes to the application.