I've been using a cookie/session authentication method for Wirebird,
which is okay for the web-based stuff for now, but only about as
RESTful as overloaded POST.
I've been figuring that by the time Wirebird becomes a serious target
(it already rejects about a dozen mostly-Russian comment spams a day...
c'mon, guys, give it up, do you see any getting through?) there would
be a more robust (yet browser-friendly) method.
I'm keeping my eye on this one: http://oauth.net/
Hat tip to Leonard Richardson, co-author of the vulpine phalanger book,
for the information: http://www.crummy.com/2007/10/08/0
(And the valet key for our Saturn? Won't unlock the door without
setting off the panic button. What if I want the valet to LOCK THE DARN
THING where he's parked it, hmm?)
