couchdb-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Camille Harang <mammi...@yooook.net>
Subject Re: OAuth for authorization (not authentication)
Date Mon, 18 Jul 2011 14:00:04 GMT
Le 18/07/2011 15:44, Robert Newson a écrit :
> As also noted on IRC, you are indeed wrong, you just don't like the
> granularity of the operation you are authorized to perform after
> successfully authenticating. :)

Ha, I'm not sure not liking it, I might just not understand how it's
supposed to work :-/ What am I supposed to do after authentication to
let a view grant or not read access? Should I reflect the rights
associated to a OAuth token somewhere, during the authentication
process? If yes, where? In the ACLs?

Thank you,

Camille.


> B.


-- 
The Good, the Bad and the Ugly under Creative Commons! https://yooook.net/r/lp1


Mime
View raw message