A way to turn a HTTP client into a service provider

Poor man's Enterprise Service Bus

Let's get that straight - the purpose of AjaxSync is not to integrate existing applications or architectures. It does not contain support for standard high level interfaces like SOAP or REST. However it does contain some characteristics of an Enterprise Service Bus. Each user of an AjaxSync application has to be authenticated first. Based on its identity the AjaxSync server decides which functions the application can call and which function calls from other clients will reach the application. This is done using an UNIX like group based permission scheme.

Another thing is that it is not required that an application does register each function for which the user is allowed to receive calls, it can register only the functions that may be of interest. Therefore the calls to the non-registered functions will never be routed to the application.

AjaxSync does not contain support for encryption or digital signing of internal data fields, because JavaScript does not contain it. However the traffic as a whole can be SSL encrypted with the strongest available methods. That isn't part of AjaxSync itself, but being based on the Apache web server, web browsers and the libcurl with its openSSL integration that is only a question of configuration.

Tasks for future versions are the integration of LDAP authentication and synchronizing of LDAP groups, and Kerberos authentication. For the moment, only base authentication against user credentials stored in clear text in the AjaxSync database is supported.