TXDataClient provides basic authentication in the form of UserName/Password.
I can't figure out though how to use them Serverside.
I use a HttpSysServer the way you describe in your documentation and add a TXDataServerModule with the AddModule function. That all works fine. But how and when can I test the Username and Password I provide with the TXDataClient?
TXDataServerModule has two properties UserName and Password that you should also set so that it will only accept requests that provide such user name and password.
Ah, I see. So no possibility to detect who connects to the server....
It would be very nice to find out somehow who connects to the server. I feel a bit frustrated that I can't do that.
Actually it's possible. In the current official released version, it's not straightforward but possible, you can just inherit from TXDataServerModule and override some methods and do your processing there (checking the basic authentication info yourself, or receiving the user info via some custom headers). If you are in a big hurry you can send us an e-mail so we can discuss about that technique.
The reason we didn't document or publish this option too much is simply because we are going to release better ways to do that. The next Sparkle version will include a middleware system so it will be easy for you to plug middleware classes to manipulate the requests before they are forwarded to the module (XData, RemoteDB or any other). Next, we will include an official authentication/authorization system.
I'm not in a hurry, when something better is on the horizon :-)
Both new features sound very promising. We are planning to build a large new system based on REST and XData seems ideal for that.
Could you give me an indication when you expect to release these new features? Or a roadmap?
The same goes for the new replicationsystem you mentioned. Can you give me an indication of when you will be releasing this?
We will be releasing a beta of the replicator for all active TMS Business Subscription customers next week. That will include of course the replicator, and also the middleware system in Sparkle (which is already implemented, just not released). The authentication will come next, a couple of months later.
What is the state of this? I have already implemented an authentication system based on TSON Web Tokens (JWT) but I am now looking for a fine-grained authorization system that will allow me to set access rights for individual operations on individual tables by user. Without this, one couldn't possibly deploy a XData based server in a real-world environment. Is this what you are planning to release? Please say yes! :-)
Yes, also. Can you please contact us directly through e-mail so we can talk with more details about what you need, specifically?