authentication and authorization with X509?

authentication and authorization with X509?

Post by Y29vdG1vbn » Sat, 17 Feb 2007 13:30:15


planning on using a X509 cert to validate that a business client is who they
say they are. After we authenticate user, then we need a username and
password to authorize users permissions. Should we store this in the SOAP
header or just as part of the XML message structure?