Implement the ControlAuthenticator interface to create a control authentication handler.

1. Edit the etc/Server.xml configuration file to include a name that the control authentication handler can register with.
   Include the control-authentication-handler element in the list of authentication handlers. The order of the list defines the order in which the authentication handlers are called. The value of the handler-name attribute is the name that your control authentication handler registers as. For example:

   <security>
     <authentication-handlers>
       <-- Include a local authentication handler that can authenticate the control client -->
       <authentication-handler class="com.example.LocalHandler" />
                  
       <-- Register your control authentication handler -->
       <control-authentication-handler handler-name="before-system-handler" />
   
     </authentication-handlers>
   </security>

   The client that registers your control authentication handler must first authenticate with the Diffusion™ server. Configure a local authentication handler that allows the client to connect.

2. Start the Diffusion server.
   • On UNIX^®-based systems, run the diffusion.sh command in the diffusion_installation_dir/bin directory.
   • On Windows™ systems, run the diffusion.bat command in the diffusion_installation_dir\bin directory.
3. Create a Java class that implements ControlAuthenticator.
4. Create a simple client that registers your control authentication handler with the Diffusion server.
5. Start your client.
   It connects to the Diffusion server and registers the control authentication handler with the name before-system-handler.