[OSLC-CM] How many tools support (or plan to) OAuth?
Steve K Speicher
sspeiche at us.ibm.com
Fri Nov 20 12:14:37 EST 2009
In our next meeting, I wanted to bring up this topic but just couldn't
wait.
For ALM tool interoperability, a good authentication story is needed. In
CM 1.0, we sort of "punted" on the issue and made some general statements
about what SHOULD be supported: HTTP Basic auth, OAuth and SSL. We never
made it a MUST hard mandatory requirement.
I'd like get some more information about where participants are with
respect to OAuth. If you don't know much about OAuth, there are some good
introductory resources at http://oauth.net
So the kind of feedback I'm looking for is:
What solutions are used today for cross-system authentication?
What are the current issues with today's solutions?
Do any of your tools support OAuth today? If not, any plans. If no plans,
reasons for not adopting?
Feel free to respond or we can talk on Wednesday.
So I'll respond to my own questions for Rational:
Team Concert:
Currently supports OAuth
ClearQuest / Change:
Currently support HTTP basic auth. Investigating OAuth support,
might be available in an upcoming release. Integrating service providers
must flow credentials through their servers, requiring careful handling.
Thanks,
Steve Speicher | IBM Rational Software | (919) 254-0645
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://open-services.net/pipermail/oslc-cm_open-services.net/attachments/20091120/4b4487aa/attachment-0003.html>
More information about the Oslc-Cm
mailing list