thrift-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Stuart Sierra" <m...@stuartsierra.com>
Subject Re: Tracing request origin?
Date Mon, 11 Aug 2008 16:46:04 GMT
On Thu, Aug 7, 2008 at 3:39 PM, Phillip B Oldham
<phillip.oldham@gmail.com> wrote:
> Its more about tracking access, authentication, and authorisation.
>
> I'd like to provide access to a web service using thrift, however I
> need to ensure only a certain number of specific apps have access to
> the service information, and that they're not accessing information
> other than their own and that which is shared.
>
> Any recommendations on how to achieve this with thrift?

I think you have two options: 1) include an authentication token in
the message, handle it in the web service; or 2) hide the Thrift
server behind a proxy that handles authentication and access control.
Either way, Thrift itself is not going to do any of the work for you.

-Stuart

Mime
View raw message