I need REST service whit two methods: first need autorization and second open for all (with no authenticate procedure).
If I put TDSHttpService and bind with TDSAuthenticationManager, then all methods needs authenticate (in authentication event I have no info about method). If I put two TDSHttpService components - one with and second without Auth Manager, and with different contexts (f.ex.), then can work together (on same port). What is valid solution?
The TDSAuthenticationManager has two events: OnUserAuthenticate and OnUserAuthorize. Inside the Authenticate event you check the user name and password. If valid add a special role (f.i. 'MainUser') to UserRoles. In both cases set valid to True;
You can now handle authorization in the other event, but there is a much easier way to do that: Add a [TRoleAuth('MainUser')] attribute to all the methods requiring authentication.