[OSM-talk] Taking OSM usernames and passwords on other sites (eg Freemap)

Christopher Schmidt crschmidt at metacarta.com
Wed Mar 28 14:22:44 BST 2007


On Wed, Mar 28, 2007 at 03:18:36PM +0200, Thomas Walraet wrote:
> Christopher Schmidt a ?crit :
> >
> >Obviously, this is a non-trivial interaction. I'm not aware of any open
> >source code that does this already.
> 
> CAS handle this case where a web application is authorised to do request 
> on third party server on behalf of a loggued user.
> 
> I haven't looked at openID yet, but it seems to provide something 
> similar to CAS (central authentification server)

Authentication is only a part of the puzzle. Authentication in the form
of OpenID allows a web application to ensure that *you* are who you say
you are -- so, OSM could check that you are foo at freemap.co.uk -- but not
that a server is representing who it says it is.

I don't know if that's clear or not, but we're very close to a point
where I have no knowledge or understanding anyway, so I'm glad to have
someone else with more experience step in :)

Regards,
-- 
Christopher Schmidt
MetaCarta




More information about the talk mailing list