You can try a demonstration of the VOLANO chat server and applet at www.volano.net. The Web site at volano.net demonstrates the membership database features of the VOLANO chat server by integrating with Google user accounts for authentication. Visitors to the Web site can sign in with their Google accounts and use their unique Google account nicknames in the chat rooms.
The technical details of this integration are described below. In a similar way, the VOLANO chat server can be integrated with any membership Web site, no matter how the member name and password information is stored.
How It Works
The Web site at volano.net runs as a Java application on the Google App Engine. When you sign in to the application using your Google account, you give Volano Software your Google account nickname but not your password or any other account information. The volano.net application assigns you a randomly generated universally unique identifier (UUID) and stores your nickname and UUID in the Google distributed memory cache.
Volano.net then returns a Web page with an instance of the VOLANO chat applet ready to connect to the VOLANO chat server. The applet uses your Google account nickname as your user name and the random UUID as your temporary password. The corresponding applet parameters in the HTML source look like the following:
<applet ... ... <param name="member" value="true"> <param name="username" value="firstname.lastname@example.org"> <param name="password" value="d05c714d-805a-424b-be12-cc9095804074"> </applet>
The UUID in the password parameter acts as an access token—a unique and temporary entrance ticket—that lets you connect to the VOLANO chat server as long as you're signed in to volano.net with your Google account. The VOLANO chat server verifies the UUID token with volano.net when you connect to the chat server with the applet. Volano Software has no knowledge of your actual Google account password, and your UUID token is removed from the Google memory cache when you sign out.
The nickname and UUID data stored in the Google memory cache can expire at any time, but visitors can obtain a new UUID token (and cause a fresh copy to be stored in the cache) simply by reloading the chat Web page when signed in. The volano.net application could avoid the cache expiration problem by storing the nickname and UUID in the Google App Engine datastore, but the speed and simplicity of the memory cache work just as well for demonstration purposes.