[geeklog-devel] Webservices API in CVS

Dirk Haun dirk at haun-online.de
Sun Aug 12 03:24:09 EDT 2007

Previous message: [geeklog-devel] Webservices API in CVS
Next message: [geeklog-devel] Webservices API in CVS
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Blaine Lang wrote:

>Although, I think the full power of webservices would be seen if we did

>implement security and this is how it could be implemented:

>

>You send a "authenticate" verb (...)

Authentication is, of course, handled by the protocol the webservices
uses. So Atompub in this case:

>14. Securing the Atom Publishing Protocol

>

> The Atom Publishing Protocol is based on HTTP. Authentication

> requirements for HTTP are covered in Section 11 of [RFC2616].

(...)

> At a minimum, client and server

> implementations MUST be capable of being configured to use HTTP Basic

> Authentication [RFC2617] in conjunction with a connection made with

> TLS 1.0 [RFC2246] or a subsequent standards-track version of TLS

(actually, I think it's currently only doing Basic Authentication,
without TLS - but then again that's about as secure as a direct login)

Once authenticated, it's like the user logged directly into the Geeklog site.

bye, Dirk

--
Geeklog Day at FrOSCon: August 25, 2007 - See you there!
http://www.geeklog.net/article.php/geeklog-day-at-froscon

Previous message: [geeklog-devel] Webservices API in CVS
Next message: [geeklog-devel] Webservices API in CVS
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the geeklog-devel mailing list