I am looking into exactly how to implement security within the framework of
SOAP::Lite. One of my requirements is that I be able to restrict access to
modules based on access lists maintained on my SOAP server. I am using a
SOAP::Lite Daemon server, for reasons related to portability and ease of
Does anyone know if there is a way to change the dispatch_to location on the
fly? I was thinking that the Daemon server could be extended to first check
an ACL and then build a list of static dispatch_to calls on the fly... but
even then, would it be possible to change where dispatch_to points after the
handle() method is called?
I have a need to allow different people access to different services, with
at least three levels of security (no access, read only, full access), and
the more flexible the security the better. I have read some of the ideas in
the soaplite guide, and I like them, but I have not settled on a design yet.
And I believe building checks for those levels of security into each and
every one of my classes would be hard to maintain and very error prone. Any
suggestions/comments/ideas as to how I could implement this level of access
management would be greatly appreciated. Thanks!