Hi Nina and All,

We had a look at oAuth. It was easy to implement it in an example 
application for ruby sinatra (also OK to rails).
There are different libraries and code examples (DotNET, C#, VB.NET, 
ColdFusion, Common Lisp, Java, Perl, Python, Ruby, ...) on
http://oauth.net/code
and a documentation with workflow graphs on
http://hueniverse.com/oauth/

best,

Micha





Nina Jeliazkova schrieb:
> Hello All,
>
> I would like to start a discussion on possible requirements and
> solutions for OpenTox REST services.  The main point here is we have
> distributed services, developed by different partners, but expected to
> work together.
>
> A typical use case would be a dataset to be provided by service S1,
> descriptors calculated by Service S2 , model prediction by service S3
> and validation by service S4.  Any of the services might request
> authentication of the client. In case of independent AA implementations
> for each partner service, the client will be asked 4 times (in worst
> case) to enter his credentials, specific for each of the four services.
>
> Current status :
>
>     * Own (minimal) implementation of AA for some services (NTUA, IDEA
>       –HTTP Basic for dataset POST, others?)
>
> Options:
>
>     * Centralized service providing Identity
>     * Federated AA
>
> Technologies to consider (the list is not complete!) :
>
>     * HTTP Basic + SSL
>     * HTTP Digest
>     * OpenID
>     * OpenAuth
>     * Google OAuth & Federated Login  
>       http://sites.google.com/site/oauthgoog
>       <http://sites.google.com/site/oauthgoog/Overlap>
>     * FOAF + SSL (pretty new)  http://esw.w3.org/topic/foaf+ssl
>     * SAML
>
> Best regards,
> Nina
>
> _______________________________________________
> Development mailing list
> Development at opentox.org
> http://www.opentox.org/mailman/listinfo/development
>