shibboleth-dev - RE: [Shib-Dev] Spring supports OAuth
Subject: Shibboleth Developers
List archive
- From: "Scott Cantor" <>
- To: <>
- Subject: RE: [Shib-Dev] Spring supports OAuth
- Date: Thu, 12 Feb 2009 11:26:33 -0500
- Organization: The Ohio State University
Wu, Albert wrote on 2009-02-12:
> Not that I necessarily think this is the right thing to do, but if one
> considers "attributes" in Shib terms as "protected resource" in OAuth
terms, and
> Shib IDP as OAuth "Service Providers", the 2 spaces begin to overlap.
> Would it be conceivable that there eventually be a use case for
interoperability?
OAuth as a security mechanism to authenticate to the IdP for queries? I
can't see that being of much use with any current use cases, but if you were
using the IdP as something like a "personal profile service" in the Liberty
sense, I suppose it might be plausible.
I think in general that the user consent model during SSO to approve release
is simpler than something with OAuth that bounces you back to the IdP would
be. But if you start looking at aggregation use cases, then it might come
up.
-- Scott
- Spring supports OAuth, Tom Scavo, 02/12/2009
- Re: [Shib-Dev] Spring supports OAuth, Chad La Joie, 02/12/2009
- Re: [Shib-Dev] Spring supports OAuth, Mike Jennings, 02/12/2009
- RE: [Shib-Dev] Spring supports OAuth, Scott Cantor, 02/12/2009
- RE: [Shib-Dev] Spring supports OAuth, Wu, Albert, 02/12/2009
- RE: [Shib-Dev] Spring supports OAuth, Scott Cantor, 02/12/2009
- RE: [Shib-Dev] Spring supports OAuth, RL 'Bob' Morgan, 02/12/2009
- RE: [Shib-Dev] Spring supports OAuth, Wu, Albert, 02/12/2009
- Re: [Shib-Dev] Spring supports OAuth, Chad La Joie, 02/12/2009
Archive powered by MHonArc 2.6.16.