It is possible to configure the QCG-Computing service to authenticate users using usernames and passwords provided by local security context:
{{{
   <sm:Module xsi:type="sm:ecm_gsoap.service">
      <sm:Host>qcg.example.com</sm:Host>
      <sm:Port>19003</sm:Port>
      <sm:Authentication>
        <sm:Module xsi:type="sm:atc_transport_ssl.service">
          <sm:ServiceAuthentication>
            <sm:X509CertKeyFile>/opt/qcg/etc/qcg-comp/certs/qcgcertkey.pem</sm:X509CertKeyFile>
          </sm:ServiceAuthentication>
        </sm:Module>
        <sm:Module xsi:type="sm:atc_msg_wsse_username.service">
          <sm:UserdirModule>
            <sm:Module xsi:type="sm:userdir_pam"/>
          </sm:UserdirModule>
        </sm:Module>
        </sm:Authentication>
        <sm:Authorization>
          <sm:Module xsi:type="sm:atz_username"/>
        </sm:Authorization>
   </sm:Module>
}}}

Please note:
 * `qcgcertkey.pem` must contain both service key and certificate,
 * the `<UnprivilegedUser>` user  used to run the service must be authorized to use the `pam_authenticate` method (e.g. in case of flat passwd files, the group of the user must have read permission for the `/etc/shadow` file)
 * you must provide proper pam configuration for qcg-compd daemon
{{{
# cat /etc/pam.d/qcg-compd 
#%PAM-1.0
auth       include      system-auth
account    include      system-auth
}}}