Authentication & Authorization


I have some questions:

What is the best way to handle authentication (user) and authorization (role) in a Server XData. How can I manage a resource in read-only mode (enable only the verb GET) only for some users/roles? I need to create a my class that inherits from class TXDataServerModule and override the ProcessRequest method? I need to add some info in HTTPHeader (that client and server interchange) but I cannot access to it in TXDataClient class. How can I this?
Do you have in roadmap also the HTTP Digest access authentication?  

Thank you very much and Merry Christmas


Hello Claudio, for now you would have to inherit ProcessRequest indeed and do some manual processing before calling the inherited method. For the client side, we would have to create some events and interceptions points to make it possible for you. We plan to extend XData in that way, yes.

Hi Wagner, 

thank you very much for the answer. Have you a roadmap that you can share for this implementations?

Not yet, unfortunately.