>
>
>>
>> Or, do we mean we want something like a client-side (outbound)
>> authentication method that is set in an API, which corresponds to a
>> ClientAuthenticationModule that understands the authentication method,
>> and knows how to get/use the credentials. This would not be a string
>> replacement alias, but rather something like a simple API for any
>> client-side authentication?
>>
>
> I am thinking the latter i.e. the simple API. At the same time this would
> also need a close relationship with SSL.
>
>
Do you have real use cases for that.
In my head and from my experience, replacing clear passwords with
tokens/alias would have been very useful in many projects, but to be honest
I'm still trying to figure out about the API usage.