Analyse and document how to handle cascaded authentication
Assuming that a web application like GroupOffice receives a login request an defers authentication to WSO2 to authenticate a user but does not itself have the password needed by the IMAP, how can GO authenticate its IMAP access?
Assuming that a web service like z-push receives an active sync request and defers to WSO2 to authenticate the user, will it use XOAUTH2 or some other mechanism to authenticate to IMAP storage?
Write a simple web application and a simple web service to simulate this type of access to test how WSO2 can be used for cascading service authentication.