Graham Leggett wrote:
> If possible, whatever you need to do should
> fall into this kind of operation so that existing modules can be used to
> do authentication.
yes I agree completely. this is exactly what I meant when I wrote:
> > Our basic design allows the use of another module (say mod_auth or
> > something else) to authenticate users
>> but through an "access file", we
> > authorize users to connect to particular web-service or its methods.
however, the only stumbling block on that road is that typically a SOAP call
will be made from inside a program (and not from a human-oriented interface)
so I don't know if I all authentication modules will make sense. But I guess
we can live with that.
With Warm Regards
Tarun Upadhyay
|