[OTDev] Authentication and authorisation for OpenTox REST services
Andreas Maunz andreas at maunz.deWed Sep 30 10:55:34 CEST 2009
- Previous message: [OTDev] Authentication and authorisation for OpenTox REST services
- Next message: [OTDev] Authentication and authorisation for OpenTox REST services
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Nina Jeliazkova wrote: > Hi Andreas, > > Andreas Maunz wrote: >> Hi Nina and all, >> >> Nina Jeliazkova wrote: >> >>> Current status : >>> >>> * Own (minimal) implementation of AA for some services (NTUA, IDEA >>> –HTTP Basic for dataset POST, others?) >>> >> All: correct me if I am wrong, but I guess there is virtually no AA >> implemented in any individual partner service. >> > Correct, there are attempts to protect some resources from > spammers/incident writing by HTTP Basic, but that should not be > considered anywhere near AA. Which is also a good thing, in that we can choose freely between candidate technologies. >>> Options: >>> >>> * Centralized service providing Identity >>> * Federated AA >>> >> I am in favor of a centralized service: >> - could be a service (later also paid service) that we offer to the >> community. >> - will be easy to maintain by a single party (Accounts are most often >> created only once and then just used). >> >> >>> Technologies to consider (the list is not complete!) : >>> * HTTP Basic + SSL >>> * HTTP Digest >>> * OpenID >>> * OpenAuth >>> * Google OAuth & Federated Login >>> http://sites.google.com/site/oauthgoog >>> <http://sites.google.com/site/oauthgoog/Overlap> >>> * FOAF + SSL (pretty new) http://esw.w3.org/topic/foaf+ssl >>> * SAML >>> >> Personally I would give FOAF + SSL a try, due to its integration with REST. >> > Do you have any experience on FOAF+SSL in this context and what is the > support by the different platforms, used by partners? Not specifically with FOAF+SSL. But I have some experience with SSL certificates and would be willing to get into the topic. Best regards Andreas
- Previous message: [OTDev] Authentication and authorisation for OpenTox REST services
- Next message: [OTDev] Authentication and authorisation for OpenTox REST services
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the Development mailing list