[Twisted-Python] Fitting cred into my application

[Matthew Pounsett]

Hi.  I've been trying to wrap my head around the cred implementation for a while now, but either I'm missing something, or there's some piece of documentation that could be better.  Probably at least a bit of both.

My application is an XMLRPC server, and an authenticated client should have rights to run some RPC methods, but not others.  Some methods will give access to limited data based on authentication.

The documentation for cred is clear in the case where the server has its own protocol implementation, but in the case of XMLRPC, where the protocol isn't subclassed, how to link it in is far less clear.  Also, since the design suggests that it's the RPC methods that need to talk to the avatar, not the protocol, how to implement cred seems even less obvious.

Are there some other examples of cred implementations floating around that I can look at, where lack of authentication does not block all access to the protocol?  In particular an example combining XMLRPC and cred would make my day.  Does any documentation or example code along those lines exist that I just haven't found yet?

Thanks in advance for any pointers!
   Matt