- From: Mike Dierken <mike@DataChannel.com>
- Date: Wed, 7 Jun 2000 08:27:08 -0700
- To: xml-dist-app@w3.org
> Any takers for getting together a list of features that people would like? > > > > Are there any standard or convetion for specifying > > authentication etc within <SOAP-ENV:Header>? > Is 'authentication information' meant to be used in the context of 'perform this operation on the behalf of user-x'? or is it 'perform this operation & here is a magic key'? or something different? Since SOAP can be carried over multiple transports, and those transports have mechanisms for user identification, should there be a concept of 'inheriting' user identification information from the transport? The underlying transport might not have very secure user-id, but when they do it may be nice to use them. Would this be the job of a SOAP dispatcher, to extract transport info, transform to a unified format & load into the header? Can a SOAP dispatcher touch the message or will it ruin digest/checksums/etc.? Also, should this discussion be made on the SOAP forum? (SOAP@DISCUSS.DEVELOP.COM) Mike
Received on Wednesday, 7 June 2000 11:34:15 UTC