Thanks for sharing this Phil. Interestingly today I found someone else that has done exactly the same thing! http://datashare.is.ed.ac.uk/ is the University of Edinburgh¹s DSpace data repository. It uses a single-sign-on system, which obviously doesn¹t work well with things like SWORD.
To get around this, the developer George Hamilton (cc¹d) has added a randomly generated API key to each users¹ profile, and this is used as a proxy for a password for SWORD deposits. A neat solution, and sits well alongside similar API key configurations for web-based systems. Thanks, Stuart Lewis Head of Research and Learning Services Deputy Director Library & University Collections, Information Services University of Edinburgh stuart.le...@ed.ac.uk On 27/01/2014 19:25, "Philip Durbin" <philip_dur...@harvard.edu> wrote: Um. Sorry for the late reply. :) On the topic of API keys and SWORD, this just came across my radar: 'Enter the dashboard's IP address into the "Remote name" field and the user and API key noted earlier into the "Api username" and "Api key" fields' -- https://www.archivematica.org/wiki/Sword_API#Configuration Very interesting. Phil On Thu, Aug 1, 2013 at 2:49 PM, Richard Jones <rich...@cottagelabs.com> wrote: > Nope, no attempt to use OAuth with SWORD that I'm aware of. We toyed > with trying to do this as part of the protocol, and then decided that > it was Too Hard, might put people off implementing, and also ought to > be orthogonal to the task that sword is trying to carry out, so we > decided to leave it up to implementers to decide. > > Do you think that any modifications to sword are required in order to > permit OAuth? Our principal during development was to make sure we > didn't do anything which prevented such things, but I would like some > confirmation that we succeeded! > > Cheers, > > Richard > > On 1 August 2013 17:08, Philip Durbin <philip_dur...@harvard.edu> wrote: >> On Thu, Aug 1, 2013 at 10:07 AM, Philip Durbin >> <philip_dur...@harvard.edu> wrote: >>> Does anyone's SWORDv2 implementation use API keys (negotiated via >>> OAuth, maybe?) rather than HTTP Basic Authentication >>> (username/password) in conjunction with a TLS connection? >> >> It looks like Richard asked a similar question here: >> >> Re: [Sword-TAP] on-behalf-of vs. OAuth - >> >>http://www.mail-archive.com/sword-app-techadvisorypanel@lists.sourceforge >>.net/msg00141.html >> >> >From what I can tell, no one has implemented OAuth or similar with >>SWORD yet. >> >> Sorry for not noticing this post earlier. >> >> Phil >> >> -- >> Philip Durbin >> Software Developer for http://thedata.org >> http://www.iq.harvard.edu/people/philip-durbin >> >> >>------------------------------------------------------------------------- >>----- >> Get your SQL database under version control now! >> Version control is standard for application code, but databases havent >> caught up. So what steps can you take to put your SQL databases under >> version control? Why should you start doing it? Read more to find out. >> >>http://pubads.g.doubleclick.net/gampad/clk?id=49501711&iu=/4140/ostg.clkt >>rk >> _______________________________________________ >> sword-app-tech mailing list >> sword-app-tech@lists.sourceforge.net >> https://lists.sourceforge.net/lists/listinfo/sword-app-tech > > > > -- > > Richard Jones, > > Founder, Cottage Labs > t: @richard_d_jones, @cottagelabs > w: http://cottagelabs.com -- Philip Durbin Software Developer for http://thedata.org http://www.iq.harvard.edu/people/philip-durbin --------------------------------------------------------------------------- --- CenturyLink Cloud: The Leader in Enterprise Cloud Services. Learn Why More Businesses Are Choosing CenturyLink Cloud For Critical Workloads, Development Environments & Everything In Between. Get a Quote or Start a Free Trial Today. http://pubads.g.doubleclick.net/gampad/clk?id=119420431&iu=/4140/ostg.clktr k _______________________________________________ sword-app-tech mailing list sword-app-tech@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/sword-app-tech The University of Edinburgh is a charitable body, registered in Scotland, with registration number SC005336. ------------------------------------------------------------------------------ CenturyLink Cloud: The Leader in Enterprise Cloud Services. Learn Why More Businesses Are Choosing CenturyLink Cloud For Critical Workloads, Development Environments & Everything In Between. Get a Quote or Start a Free Trial Today. http://pubads.g.doubleclick.net/gampad/clk?id=119420431&iu=/4140/ostg.clktrk _______________________________________________ sword-app-tech mailing list sword-app-tech@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/sword-app-tech
