I am trying to implement an alternative token solution similar to what Rackspace and OpenStack you by putting a token in a different header element, x-auth for example. Does anyone have any examples or that I can learn from?
I put together a tiny token auth system for an app I wrote last year. Have a look at the cadastre.auth.authenticator module I wrote, which supports multiple kinds of credential (password or token), via multiple schemes (basic and bearer), and which could easily be extended to custom headers by adding those headers to the relevant function signatures as injection targets.
Thanks, I will have a look.