On 9/28/07, Matthieu Riou <[EMAIL PROTECTED]> wrote: > 1. How do someone gets the authorization to invoke a given process and how > do that process gets the authorization to invoke another service, assuming > that the process itself is oblivious of this machinery.
2. How does a process gets aware of credentials and authorizations and > manipulates them. > > I think we should address 1 first and then extend it to allow 2 once we're > ready. What do you think? > It might be interesting to consider using synapse. I still believe #2 will eventually involve multiple wsdls and some transformation policies, which is the whole purpose of the intermediary layer. All Ode might need internally then is access to some convenient assertion manipulation functions which are likely to already exist in xslt. -d
