[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [ws-caf] outstanding issues for WS-Context
I
believe that this issue must be related to my "informal issue" of access
control. In other words, if we "secure" then we authorize (and there are various
kinds of reads and writes); to authorize we have to authenticate -- which was
where my thinking fell down. Authentication by interface reference (I'll give
you references only for the operations I wish you to use) only works if the
references are artificially different, and after a while it won't be hard to
work around that type of "protection".
I
believe that the introduction of authentication/authorization is a good idea
(I'm not the right person to propose how to do it in a WS-friendly way), and I
further think that we should remove the double reference we currently have, so
that the context service and the context manager are a single service reference.
Alastair
|
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]