[OSM-dev] User authentication/Single sign on (was: Proposal for a map-bug tracker)
zerebubuth at gmail.com
Sat Nov 29 00:44:33 GMT 2008
On Fri, Nov 28, 2008 at 11:45 PM, Frederik Ramm <frederik at remote.org> wrote:
> A user talking to System X must be able to prove to System X that he is
> OpenStreetMap user Z, without System X gaining any privileged information.
better still, the user gets to say exactly what information system X
can access, how long for and to revoke it whenever they feel like it.
> As far as I know this has nothing to do with LDAP, or does LDAP
> somewhere specify a scheme like that?
ldap is "just" a directory protocol - it specifies nothing about how
the information it stores can be used.
> What we need is probably OAuth.
+1. OAuth is exactly what we need and there are gems and rails
adaptors for it. i've had a play with it and it looks very cool. we
integrate that with the server code, add some mandatory access bits
(can write to the api, can read/write gpx traces, can read/write user
prefs, diaries, etc...) and everything conforms to a well-known
standard for which there are many client libraries.
> (unless we want to write our own version of the above)
-1 billion. standards are good - but the world doesn't need another one ;-)
More information about the dev