[OSLC-CM] How many tools support (or plan to) OAuth?
Olivier Berger
olivier.berger at it-sudparis.eu
Wed Nov 25 07:09:13 EST 2009
Le vendredi 20 novembre 2009 à 12:14 -0500, Steve K Speicher a écrit :
>
> For ALM tool interoperability, a good authentication story is needed.
> In CM 1.0, we sort of "punted" on the issue and made some general
> statements about what SHOULD be supported: HTTP Basic auth, OAuth and
> SSL. We never made it a MUST hard mandatory requirement.
>
> I'd like get some more information about where participants are with
> respect to OAuth. If you don't know much about OAuth, there are some
> good introductory resources at http://oauth.net
>
> So the kind of feedback I'm looking for is:
> * What solutions are used today for cross-system
> authentication?
> * What are the current issues with today's solutions?
> * Do any of your tools support OAuth today? If not, any plans.
> If no plans, reasons for not adopting?
>
> Feel free to respond or we can talk on Wednesday.
>
>
I believed that OAuth was only about permissions, i.e. authorizations,
and not about authentication... but I may be wrong... care to clarify,
anyone ?
Then if Oauth was only concerned with authorizations, what would be
taking care of Auth : only Http(S) login + password ?
Correct me if I'm wrong ;)
In any case, in the specs, authn and authz should be distinctly
addressed, I suppose.
Sorry not to provide any more concrete feedback WRT tools : we're
learning and intend to implement whatever will be in the specs in a dmo
server to be developped, so no tool implementation available yet really
(also, haven't fully checked if might be Mantis plugins/configs to
support various existing Auth protocols already, as we're aiming at
Mantis in a second time).
Best regards,
--
Olivier BERGER <olivier.berger at it-sudparis.eu>
http://www-public.it-sudparis.eu/~berger_o/ - OpenPGP-Id: 1024D/6B829EEC
Ingénieur Recherche - Dept INF
Institut TELECOM, SudParis (http://www.it-sudparis.eu/), Evry (France)
More information about the Oslc-Cm
mailing list