[oslc-Reporting] OSLC Reporting - Authentication
Tack Tong
tacktong at ca.ibm.com
Mon Mar 15 19:44:31 EDT 2010
Team,
We discussed the topic of Authentication in our Workgroup call this
morning. I just noticed that Authentication is also an OSLC Core Spec.
topic. Here is an extract from the Core Spec. I believe what is described
in Core as below is sufficient for Reporting and there is no need to
duplicate work and spec. I like to get some feedback from the team to see
whether we need to spend more time to prepare this topic for our next
Reporting call or just referring to this topic in Core Spec would be
sufficient.
Authentication
OSLC Services use standard web protocols for authentication, these are the
options allowed.
HTTP Basic Authentication
TBD: OSLC Services MAY protect resources with HTTP Basic Authentication.
OSLC Services that use HTTP Basic Authentication SHOULD do so only via SSL.
OAuth Authentication
TBD: OSLC Services MAY protected resources with OAuth Authentication.
OSLC Services that use HTTP Basic Authentication SHOULD provide Two-legged
OAuth Authentication as an option.
Form Based Authentication
TBD: OSLC Services MAY protected resources with Form Based Authentication.
Services that use Form Based Authentication MUST implement Form Based
Authentication as specified below in OSLC Form Based Authentication.
OSLC Form Based Authentication
TBD: specify how form based authentication works, because it is
non-standard (?)
Tack Tong
IBM Rational software
tacktong at ca.ibm.com
905-413-3232
tie line 313-3232
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://open-services.net/pipermail/oslc-reporting_open-services.net/attachments/20100315/9c0f47e9/attachment-0003.html>
More information about the Oslc-Reporting
mailing list