[OTDev] Authentication and authorisation for OpenTox REST services

Nina Jeliazkova nina at acad.bg
Wed Sep 30 10:30:48 CEST 2009


Hello All,

I would like to start a discussion on possible requirements and
solutions for OpenTox REST services.  The main point here is we have
distributed services, developed by different partners, but expected to
work together.

A typical use case would be a dataset to be provided by service S1,
descriptors calculated by Service S2, model prediction by service S3
and validation by service S4.  Any of the services might request
authentication of the client. In case of independent AA implementations
for each partner service, the client will be asked 4 times (in the worst
case) to enter his credentials, specific for each of the four services.

Current status:

    * Own (minimal) implementation of AA for some services (NTUA, IDEA
      – HTTP Basic for dataset POST, others?)

Options:

    * Centralized service providing Identity
    * Federated AA

Technologies to consider (the list is not complete!):

    * HTTP Basic + SSL
    * HTTP Digest
    * OpenID
    * OpenAuth
    * Google OAuth & Federated Login  
      http://sites.google.com/site/oauthgoog
      <http://sites.google.com/site/oauthgoog/Overlap>
    * FOAF + SSL (pretty new)  http://esw.w3.org/topic/foaf+ssl
    * SAML

Best regards,
Nina



