ZF-10145: Authentication & Authorization

Issue Type: Improvement Created: 2010-07-13T03:15:41.000+0000 Last Updated: 2012-08-14T08:21:53.000+0000 Status: Open Fix version(s): Reporter: Thomas Tourlourat (armetiz) Assignee: Wade Arnold (wadearnold) Tags: - Zend_Amf

  • Zend_Rest_Server
  • Zend_Soap_Server

Related issues: Attachments:


Zend_AMF_Server include an authentication & an authorization part based on Zend_Auth & Zend_ACL.

Zend_SOAP_Server & Zend_REST_Server doesn't include authentication & authorization... This is really missing.

Example : I have a Service_User class & methods CRUD with other specifics methods like "getUserBooks" or "getallowedUsers".

CRUD functions shouldn't be public, because they involve database integrity; counter to specifics methods.

SOAP / REST Server can take functions or classes. It could be really usefull to setup some ACL on this methods or services..

That all folks.


Posted by Robert Broen (rbroen) on 2012-08-14T08:21:53.000+0000

In what way are authentication & authorization part of the SOAP protocol specification or the REST architectural style?

Have you found an issue?

See the Overview section for more details.


© 2006-2018 by Zend, a Rogue Wave Company. Made with by awesome contributors.

This website is built using zend-expressive and it runs on PHP 7.