Hi All, I've been surfing the web looking for common or best practices for dealing with authentication and authorization with SOAP. If you have some good links, please pass them along. A proposed solution internally here was to simply send an a username and password and get back a token. The tokens are kept in a cache and managed by the application. Each subsequent SOAP call by a client requires the token as a the first parameter. Is that good practice? It doesn't quite feel right to me.
cheers, Cameron
