info on authentication

Asked by cannata_g on 2012-04-16

Hi, i'm trying to use ladon in python. It look very simple to use but I have not found any information on how to authenticate to the web services I create. There is some documentation on this issue? Do I have to configure apache to authenticate to the web service? In this case how can I get the user name in the web service to check for authorization?

Thanks in advance,

Question information

English Edit question
ladon Edit question
No assignee Edit question
Last query:
Last reply:
jsgaarde (jakob-simon-gaarde) said : #1

Hi Giovanni.

Ladon only delivers the basic functionality of a web service framework. You can apply authentication on many different levels, Apache is one of them, but this puts strict demands on the client side agent to handle what ever authentication standard you choose. The most common authentication practice for web services that I know of, is to:

* Protect web service communication with SSL
* Expose an authentication method (ie. login(username,password) )that returns a session_id
* Let the session_id live on the server side (ie. using memcache with timeout)
* All other "private" methods take the session_id as first argument, so the server knows who it is talking with.

/ Jakob

Can you help with this problem?

Provide an answer of your own, or ask cannata_g for more information if necessary.

To post a message you must log in.