I'm writing a REST style wrapper for the inquiry api and started thinking about how to support authenticated users to the REST inquiry binding. I came up with two options
1) Use servlet container authentication, then just trust the container provided identity. We'll need a way to provide that info to the existing service code 2) Create a REST endpoint for the Security API that uses post, then pass the auth token as a query parameter or something to the REST bindings Any one else have any ideas or comments?
