Dnia 07-11-2007, Śr o godzinie 15:33 -0800, anders conbere pisze: > Example work flow > ============== > > User = user logging into a web application > Consumer = The Web Application > Service Provider = Users Jabber Server > > Use requests access to an xmpp api from the Consumer > Consumer redirects the user to the Service Provider > The User enters their credentials into the Service Provider > The Service Provider posts back to the Consumer with a unique access > token > The Consumer then make the xmpp api call to the Service Provider with > the unique token granted to it. > > Future request for data from the Consumer would be done with the > token, and provided access to the restricted api's
If I understand correctly, what you are describing is OpenID authorized by XMPP. It is already in use. Please see http://openid.xmpp.za.net/ -- /\_./o__ Tomasz Sterna (/^/(_^^' Xiaoka.com ._.(_.)_ XMPP: [EMAIL PROTECTED]