in reply to Re: SOAP::Lite - securest authentication route...
in thread SOAP::Lite - securest authentication route...

I have a feeling that grabbing the Apache request before it hits the SOAP stuff through a PerlHandler) would be the easiest way of doing that. Although that's not how I'm currently approaching it :)

I was going to add a 'LocalAuth' module (or similar) that would be run at the beginning of a method call, something along the lines of: 

if ($auth->can('set credit card')) {
    proceed();
}

[download]

as the final lock down at the application level, where individual methods are listed in a DB along with identifying group(s) of hosts allowed to run them (then do a group look up to see which group the particular host belongs to.

I'm still in flux over all this, but having great fun experimenting :) Perhaps you'd care to expand on your ideas...

cLive ;-)

Replies are listed 'Best First'.
Re: Re:^ SOAP::Lite - securest authentication route...
by gnork (Scribe) on Apr 21, 2004 at 09:18 UTC
    The DB solution is exactly what I have in mind. The "$auth->can" call in the method call is one solution I thought about.
    Since this requires an additional call in the method code, I would opt for an inherited method or an additional module in SOAP::Lite, that does this work.

    Gnork

    cat /dev/world | perl -e "(/(^.*? \?) 42\!/) && (print $1))"
    errors->(c)
[reply]

In Section Seekers of Perl Wisdom