uhm... - the access control can be more strict - at the same time handleing the database for multiple customers seems more appropriate than directories for customers and apps - then again - maybe that's just me ;-) - redundancy in data avoidable
the fun part: If the server knows the public key of the client, the client doesn't have to request the data. In can be distributed on guess. If the client is listening then it will receive the data. Since only the client has its private key only this particular client can decrypt the message. Having the client to actually request the data is an optional feature. So there is no need for the client to authenticate anywhere... or am i missing something? Thanks for the reply though - i seriously have to consider using an "easy" solution to this problem. regards On 6 Apr., 23:35, Theo Van Dinter <[email protected]> wrote: > How's this different than storing the information in a database w/ > appropriate access controls? Either way, you need something (database > auth credentials vs a pub/priv key pair) available by which the apps > can authenticate to get the real data you want. > > But otherwise, yeah, you could front-end the database with some rpc/api too. > :) > > On Mon, Apr 6, 2009 at 3:53 PM, konqi <[email protected]> wrote: > > My idea of a nice way to do this would be to use a webservice. > > 1. Client requests authentication data using its public key. > > 2. Server checks pubkey against stored pubkey in its database (simple > > authentication). > > 3. Server uses public key to encrypt the authentication data and sends > > back XML-Response. > > 4. Client can decrypt the data using its private key and continue. > > Server uses a Database with a (neat) user interface. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Google Apps APIs" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/google-apps-apis?hl=en -~----------~----~----~----~------~----~------~--~---
