> We all know that base-auth is a gold for our app and when we think about > another way like OAuth we get mad.... > BUT > If the Toke had infinit life time (probabily will do), so the big poblem > transform in a little problem with 3 steps: > > 1-Your Webapp redirect the user to Twitter Web Site (Authentication) > 2- User put username and password > 3- Twitter redirect again the user for your Webapp authenticated.
Right, for webapps this is a bit of pain but it's still workable into a workflow since you're still in a browser. The point Ed and I were making is that for *local* or *desktop* apps, you might not be anywhere near a browser or browser-like-thing at all, so OAuth would either be a serious constraint or actually not possible. But you're quite right for third-party webapps. It hurts a bit, but it is workable, and the benefits outweigh the disadvantages. -- ------------------------------------ personal: http://www.cameronkaiser.com/ -- Cameron Kaiser * Floodgap Systems * www.floodgap.com * [email protected] -- FOOLS! I WILL DESTROY YOU ALL! ASK ME HOW! -- "Girl Genius" 8/29/07 --------
