In that environment, token secret can be hidden? If not, you shouldn't use anonymous OAuth. If you cannot hide consumer secret (or private key when using RSA- SHA1) neither, you might should use OAuth proxy.
thanks nov matake On Nov 28, 9:50 pm, hitoshi uchida <[email protected]> wrote: > Hi all, > > Concerning 'anonymous' mode supported Google OAuth provider for > installed application, is it always safe to use the specific mode in > consumer services ? > > I would like to execute a consumer service which can't be reachable > because it is executed in user's LAN environment, and the service > retrieves user' datas from GData service. > So I have a secutiry concern about the 'anonymous' mode. > > Regards, > Hitoshi Uchida -- You received this message because you are subscribed to the Google Groups "OAuth" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/oauth?hl=en.
