On Thu, Aug 7, 2008 at 3:39 PM, Phillip B Oldham <[EMAIL PROTECTED]> wrote: > Its more about tracking access, authentication, and authorisation. > > I'd like to provide access to a web service using thrift, however I > need to ensure only a certain number of specific apps have access to > the service information, and that they're not accessing information > other than their own and that which is shared. > > Any recommendations on how to achieve this with thrift?
I think you have two options: 1) include an authentication token in the message, handle it in the web service; or 2) hide the Thrift server behind a proxy that handles authentication and access control. Either way, Thrift itself is not going to do any of the work for you. -Stuart
