I am not clear on what makes a controller method available as an URL.
specifically, I’m not clear on how to prevent methods from being
I am working on a simple web API framework (home-rolled rather
than SOAP or XML-RPC) that provides little more than a high-level
implement the only methods that should be available via HTTP, but the
controllers will need to implement methods that the HTTP-accessible
will call. Is it as simple as making the separate controllers’ methods
protected and private?