[OSLC-CM] How many tools support (or plan to) OAuth?

Steve K Speicher sspeiche at us.ibm.com
Fri Nov 20 12:14:37 EST 2009


In our next meeting, I wanted to bring up this topic but just couldn't 
wait.

For ALM tool interoperability, a good authentication story is needed.  In 
CM 1.0, we sort of "punted" on the issue and made some general statements 
about what SHOULD be supported: HTTP Basic auth, OAuth and SSL.  We never 
made it a MUST hard mandatory requirement.

I'd like get some more information about where participants are with 
respect to OAuth.  If you don't know much about OAuth, there are some good 
introductory resources at http://oauth.net

So the kind of feedback I'm looking for is:
What solutions are used today for cross-system authentication? 
What are the current issues with today's solutions? 
Do any of your tools support OAuth today? If not, any plans. If no plans, 
reasons for not adopting? 

Feel free to respond or we can talk on Wednesday.


So I'll respond to my own questions for Rational:

Team Concert:
        Currently supports OAuth

ClearQuest / Change:
        Currently support HTTP basic auth.  Investigating OAuth support, 
might be available in an upcoming release.  Integrating service providers 
must flow credentials through their servers, requiring careful handling.

Thanks,
Steve Speicher | IBM Rational Software | (919) 254-0645
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://open-services.net/pipermail/oslc-cm_open-services.net/attachments/20091120/4b4487aa/attachment-0003.html>


More information about the Oslc-Cm mailing list