4) web
Primary, this website will only do three things:
-1) authenticate a user/password/pin/token combo (via soap/xmlrpc)
+1) authenticate a user/pin/token combo (via soap/xmlrpc)
2) admin users - i.e. assign tokens to users - it would be nice
if the backend were something else (i.e. ldap/AD)
3) allow users to manage their tokens i.e. synchronize them