Hi web2py-folks! I am missing 3 legged auth of user, through consumer, to service provider?
Web2py has most of the basic elements for building a service-provider application. E.g. REST, json, xml. xml-rpc etc. As I see it - the only (?) missing element is Auth (/Oauth). In a service-architecture there is 3 "parties": 1. The Service Provider 2. The Consumer 3. The User Right now web2py handles "2 legged auth", where consumer and user is one entity. But to allow for a real service-architecture I need to handle "3 legged auth" (OAuth): I suggest: - 2 seperate web2py demo applications that act as Service Provider and Consumer. - Easy 2 legged auth of consumer through shared secret - 3 legged auth of user to service provider, which allow the user to grant access of consumer on his/her behalf. Ref: http://www.hueniverse.com/hueniverse/2008/10/beginners-guide.html http://oauth.googlecode.com/svn/code/python/ Any experiences or comments are welcome! Regards Niels --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "web2py Web Framework" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/web2py?hl=en -~----------~----~----~----~------~----~------~--~---
