Hi Randy,
the issue about the browser interaction is that the SSO mechanisms for
the Web* have not standardized the authentication part. Since there is
so much Web deployment out there and folks have an interest to work with
existing deployment.
However, there is a window of opportunity here: there is currently an
effort ongoing to standardize a new HTTP authentication mechanism.
Additionally, there is the (maybe a bit theoretical) chance to make use
of ABFAB (another IETF effort, see
http://tools.ietf.org/html/draft-ietf-abfab-arch-03).
Does this make sense to you?
Ciao
Hannes
*: For the mobile world (if you consider 3GPP specifications) then there
is a way to use WebSSO procedures without the interactive browser
interaction.
On 09/18/2012 06:22 AM, Randy Turner wrote:
I would like to emphasize the earlier point….it would be nice if we had a
solution that did NOT require an interactive browser procedure.
Randy
On Sep 17, 2012, at 5:21 PM, Randy Turner <rtur...@amalfisystems.com> wrote:
What about a combination...OpenID Connect ?
Peter Saint-Andre <stpe...@stpeter.im> wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 9/17/12 3:00 PM, Ivan Martinez wrote:
I'm currently considering wether to use OAuth2 or OpenID2 in my
server. Which one do you think will be more adopted as a user
authentication mechanism in XMPP servers?. Which companies are
planing to use each of them?.
IMHO it is much more likely that people will implement and deploy
OAuth2 than OpenID for XMPP authentication.
/psa
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.18 (Darwin)
Comment: Using GnuPG with Mozilla - http://www.enigmail.net/
iEYEARECAAYFAlBXlNAACgkQNL8k5A2w/vwhhgCfdakf/6wV7D+shOKcerR6bcTP
YFYAoI60RJcxNcz3Uj7X0kA1CWfz9pot
=0TLT
-----END PGP SIGNATURE-----
