Is not clear to me how the protocol will address authentication and authorization (roles i suppose) over the resources exposed by the OData Server. Or the protocol does not hand
