[OTDev] Authentication and authorisation for OpenTox REST services
Nina Jeliazkova nina at acad.bgWed Sep 30 10:30:48 CEST 2009
- Previous message: [OTDev] Opentox RESTful Resources
- Next message: [OTDev] Authentication and authorisation for OpenTox REST services
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Hello All, I would like to start a discussion on possible requirements and solutions for OpenTox REST services. The main point here is we have distributed services, developed by different partners, but expected to work together. A typical use case would be a dataset to be provided by service S1, descriptors calculated by Service S2 , model prediction by service S3 and validation by service S4. Any of the services might request authentication of the client. In case of independent AA implementations for each partner service, the client will be asked 4 times (in worst case) to enter his credentials, specific for each of the four services. Current status : * Own (minimal) implementation of AA for some services (NTUA, IDEA –HTTP Basic for dataset POST, others?) Options: * Centralized service providing Identity * Federated AA Technologies to consider (the list is not complete!) : * HTTP Basic + SSL * HTTP Digest * OpenID * OpenAuth * Google OAuth & Federated Login http://sites.google.com/site/oauthgoog <http://sites.google.com/site/oauthgoog/Overlap> * FOAF + SSL (pretty new) http://esw.w3.org/topic/foaf+ssl * SAML Best regards, Nina
- Previous message: [OTDev] Opentox RESTful Resources
- Next message: [OTDev] Authentication and authorisation for OpenTox REST services
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the Development mailing list