abdera-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "David Calavera" <david.calav...@gmail.com>
Subject Re: Server authenticaion support
Date Wed, 02 Apr 2008 15:36:18 GMT
Hi Remy,

Openauth is helpful when your application will need that the user grants its
access to some of his data, it's like Google AuthSub or AuthLogin, thus, I
think wsse is enough in that case and it's quite easy to implement.

On the other hand, Abdera just comes with auth client extensions but I think
that the best place to implement an Abdera security layer would be the
provider filters, they works like java filters but you don't need to include
them in the web.xml.

I send you some link that I think they could be useful:

http://webservices.xml.com/pub/a/ws/2004/10/20/wss5.html
http://code.google.com/p/oauth/
http://oauth.net/core/1.0/

Cheers

On Wed, Apr 2, 2008 at 4:51 PM, Remy Gendron <remy@arrova.ca> wrote:

> Hello all,
>
>
>
> I'm looking at securing my Abdera server implementation. Do you have
> recommendations for the following?
>
>
>
> 1) OpenAuth or WSSE? I am developing intra-corporate Atom services. These
> will not be exposed to the outside. Backed by a corporate LDAP.
>
> 2) Are there support libraries that would help in implementing this on the
> server side? Abdera already comes with auth extensions. How do I leverage
> these on the server side? Shouldn't security be orthogonal to the Atom
> stuff? I was thinking along the way of a servlet filter.
>
> 3) My server is heavily Spring. I will look up ACEGI.
>
>
>
> Thanks,
>
>
>
>
>
> Rémy
>
>
>
>


-- 
David Calavera
http://www.thinkincode.net

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message