continuum-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Rahul Thakur" <rahul.thakur.x...@gmail.com>
Subject XML RPC security
Date Fri, 27 Apr 2007 08:13:06 GMT
Hey guys,

Some quick notes on the security for XML RPC interface. This is what I 
am thinking...

Have an AuthenticatedXmlRpcService component that services the xml rpc 
requests. The first request from a client to the service is a request 
for authentication. A successful authentication returns an 
authentication Token, which is passed along with subsequent requests by 
the client. A Token can go stale (configurable time period?) if there 
were not requests detected for it. Also, we could have a service that 
answers any polling requests and keeps a Token 'alive'.

Thoughts?

Rahul 


Mime
View raw message