A client session can use the AuthenticationControl feature to authenticate other client
Registering a control authentication handler
A client can register an authentication handler that can be called when a client
connects to Diffusion™ Cloud or changes the principal and
credentials it is connected with.
The authentication handler can decide whether a client's authentication request is
allowed or denied, or the authentication handler can abstain from the decision, in
which case the next configured authentication handler is called.
A client can propose session properties when it connects. If the authentication
handler allows a client's authentication request, it can choose to set the proposed
The authentication handler can set any user-defined session property, and some fixed
session properties, such as the $Roles session
For more information about authentication and role-based security, see Authentication.