ZF-10145: Authentication & Authorization

Issue Type:
Improvement
Created:
2010-07-13T03:15:41.000+0000
Last Updated:
2012-08-14T08:21:53.000+0000
Status:
Open
Fix version(s):
    Reporter:
    Thomas Tourlourat (armetiz)
    Assignee:
    Wade Arnold (wadearnold)
    Tags:
    • Zend_Amf
    • Zend_Rest_Server
    • Zend_Soap_Server
    Related issues:
    Attachments:

    Description

    Zend_AMF_Server include an authentication & an authorization part based on Zend_Auth & Zend_ACL.

    Zend_SOAP_Server & Zend_REST_Server doesn't include authentication & authorization... This is really missing.

    Example : I have a Service_User class & methods CRUD with other specifics methods like "getUserBooks" or "getallowedUsers".

    CRUD functions shouldn't be public, because they involve database integrity; counter to specifics methods.

    SOAP / REST Server can take functions or classes. It could be really usefull to setup some ACL on this methods or services..

    That all folks.

    Comments

    Posted by Robert Broen (rbroen) on 2012-08-14T08:21:53.000+0000

    In what way are authentication & authorization part of the SOAP protocol specification or the REST architectural style?