On Thu, 6 Aug 2009 05:09:48 -0700 (PDT)
Dewald Pretorius <dpr...@gmail.com> wrote:

> Amen to that.
> 
> When one does customer support for long enough, you quickly realize
> that:
> 
> a) People do not read instructions, and
> 
> b) Many people are not as computer literate as you'd wish them to be.
> 
> If you send people all over the place, many go, "WTF," and abandon the
> process out of fear or ignorance.
> 
> With Basic Auth the process is very simple. Enter the username and
> password on your site, and click the save button. It shouldn't be any
> more involved or complicated with OAuth.

The problem with Basic Auth is that it doesn't know the difference
between Authentication and Authorization. It's an oversimplification.
The only way to do something *for* someone is to *be* that someone as
far as the target system is concerned. A system that is as smart as it
needs to be is going to be a little more complicated and involved than
that.

You can still do a little animated "authorize this" screen just like
Facebook with OAuth. Just set up a gateway on your server and Ajax the
whole work flow through the gateway. There's no need to complicate the
UX. The complications can go in the back end so that you can get your
authenticalization in one click. 

Chris Babcock

Attachment: signature.asc
Description: PGP signature

Reply via email to