[OSM-dev] User authentication/Single sign on
Frederik Ramm
frederik at remote.org
Sat Nov 29 00:34:27 GMT 2008
Hi,
Stefan de Konink wrote:
> I wanted to implement this just as a http_auth request to the server. If
> the http auth request fails it would tell me that the user/pass is
> false. Is this method a priori bad?
Well... anyone who makes the request would have to know the user's
password. The OSM password is not worth a lot but still I do not think
it is a good idea that I should reveal my password to the forums, to
OpenStreetBugs, and to any other site that offers some OSM-related
service, just so that they can make a http_auth request to the server!
Bye
Frederik
--
Frederik Ramm ## eMail frederik at remote.org ## N49°00'09" E008°23'33"
More information about the dev
mailing list