Tokens

Catching up on Atom news, I learned from a Mark Pilgrim article about the UsernameToken profile for OASIS’s web services security specification. Deja vu! We’ve used a similar home-brewed scheme for inter-application authentication for 4 years ranging from small ASP applications to web services in large J2EE apps.