[OTDev] A note on A&A
Nina Jeliazkova jeliazkova.nina at gmail.comMon Sep 13 13:16:23 CEST 2010
- Previous message: [OTDev] A note on A&A
- Next message: [OTDev] validation and qmrf-report update
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Would be good to have all these discussion points gathered on a single place and into the OpenTox meeting agenda at Rhodes . Nina On Sat, Sep 11, 2010 at 5:07 PM, chung <chvng at mail.ntua.gr> wrote: > Dear All, > For the time, there are two basic ways for a client to provide > authentication credentials to a server: providing a token URI in the URL > of the request (e.g. http://server.com/service?tokenid=XXX ) or > alternatively providing its username and password in the URL like > http://server.com/service?username=XXX&password=YYY. (The latter is good > for testing but not that safe). Maybe there should be a third option: > the use of the HTTP header Authorization > Yes. > > For example: > > Authorization : USERNAME:PASSWORD > > or > > Authorization : TOKENID_URL_ENCODED > > This is a W3C recommendation for servers that require authentication. > You can get more details at > http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.8 > > Best regards, > Pantelis > _______________________________________________ > Development mailing list > Development at opentox.org > http://www.opentox.org/mailman/listinfo/development > -- Dr. Nina Jeliazkova Technical Manager 4 A.Kanchev str. IdeaConsult Ltd. 1000 Sofia, Bulgaria Phone: +359 886 802011
- Previous message: [OTDev] A note on A&A
- Next message: [OTDev] validation and qmrf-report update
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the Development mailing list