[CLUG-chat] Website Visitor Authentication that can't be given toothers

Paul Scott pscott at uwc.ac.za
Fri Jun 17 14:40:20 SAST 2005


On Fri, 2005-06-17 at 13:12 +0200, Chris van Wyk wrote:
>  > Hi all
> > 
> > Pondering a problem for a big website running apache on RH Linux (the
> > linux angle ;-):
> > 
> > The site will be selling subscriptions to content, but the usual
> > username/password mechanism lends itself to people giving it away to
> > others for free use.

What could also work, and is much more fun, and not to mention easier,
would be to use a webservice.

I am thinking that the architecture could work like so:

db --> app logic --> wsdl --> internet

The only entry point to the content could be a webservice. SOAP
authentication can be done in the SOAP envelope, plus, only specific
people that have a client can use it.

Cookies etc can be generated and stored within the client, say as XML,
so that would take care of your user that insists on destroying his
cookies.

Client can easily be written in C# (mono), Java, Python for Cross
Platform compatibility.

--Paul  






More information about the Clug-chat mailing list