[
http://jira.amdatu.org/jira/browse/AMDATUAUTH-51?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Ivo Ladage - van Doorn updated AMDATUAUTH-51:
---------------------------------------------
Component/s: oAuth
> Provide an alternative to oAuth for securing REST APIs
> ------------------------------------------------------
>
> Key: AMDATUAUTH-51
> URL: http://jira.amdatu.org/jira/browse/AMDATUAUTH-51
> Project: Amdatu Auth
> Issue Type: Roadmap Issue
> Components: oAuth
> Affects Versions: 0.1.0
> Reporter: Ivo Ladage - van Doorn
>
> Most REST APIs can be secured using oAuth Signed Requests, 2-legged or
> 3-legged oAuth. However, some services are that 'core' that they cannot or
> should not be secured with oAuth. The best example of such an APIs is the
> Consumer registry. If the REST API of this service was protected using oAuth
> Signed Requests, new consumers could only be added AFTER they have already
> been added. Huh? Exactly, that won't work.
> One could think of a security mechanism using amdatu node certificates or
> checking IP addresses to authenticate where a request is coming from.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
_______________________________________________
Amdatu-developers mailing list
[email protected]
http://lists.amdatu.org/mailman/listinfo/amdatu-developers
