[OSM-talk] Taking OSM usernames and passwords on other sites (eg Freemap)
crschmidt at metacarta.com
Wed Mar 28 14:22:44 BST 2007
On Wed, Mar 28, 2007 at 03:18:36PM +0200, Thomas Walraet wrote:
> Christopher Schmidt a ?crit :
> >Obviously, this is a non-trivial interaction. I'm not aware of any open
> >source code that does this already.
> CAS handle this case where a web application is authorised to do request
> on third party server on behalf of a loggued user.
> I haven't looked at openID yet, but it seems to provide something
> similar to CAS (central authentification server)
Authentication is only a part of the puzzle. Authentication in the form
of OpenID allows a web application to ensure that *you* are who you say
you are -- so, OSM could check that you are foo at freemap.co.uk -- but not
that a server is representing who it says it is.
I don't know if that's clear or not, but we're very close to a point
where I have no knowledge or understanding anyway, so I'm glad to have
someone else with more experience step in :)
More information about the talk