![BUILDING AND USING SECURE WEB SERVICES WITH OAUTH Skillswap Goes Portable, November 25, 2008 Bruce Boughton [email_address] http://bruceboughton.me.uk http://lab.madgex.com/](https://image.slidesharecdn.com/skillswap-presentation-1227661745256551-9/85/Building-and-using-web-services-with-OAuth-1-320.jpg)
Recommandé
Contenu connexe
Similaire à Building and using web services with OAuth
Similaire à Building and using web services with OAuth (20)
Dernier
Dernier (20)
Building and using web services with OAuth
- 1. BUILDING AND USING SECURE WEB SERVICES WITH OAUTH Skillswap Goes Portable, November 25, 2008 Bruce Boughton [email_address] http://bruceboughton.me.uk http://lab.madgex.com/
- 2. web services are about data let’s think about data...
- 4. why?
- 5. CONTROL YOUR DATA Don't get locked into one vendor
- 6. Mash|ups < data > MORE INTERESTING http://pipes.yahoo.com/bruceboughton/skillswapmashup
- 7. RE-PURPOSE YOUR DATA in different contexts
- 9. Data should be available in STANDARD DATA FORMATS <xml/> POSH JSON μ f
- 16. we need an easy , user-friendly standard for third party api security
- 24. one thing: OAuth != OpenID (but they do play nicely)
- 25. OpenID is authentication OAUTH IS ACCESS CONTROL
- 27. Protected resources are exposed by service providers and used by consumer applications on behalf of users
- 28. e.g. My physical location is exposed by the Fire Eagle API and used by the Madgex Lab demo on my behalf
- 29. Consumer identity asserted using CONSUMER KEY and SECRET
- 32. Requests are SIGNED and include a TIMESTAMP and NONCE
- 33. This is just PLAIN OLD HTTP with added super powers
- 34. don’t worry, there are plenty of open source libraries
- 35. Ruby .NET Python PHP Java JavaScript Objective-C and more... http://oauth.net/code
- 36. do we have time for some code? OAuth.net library http://lab.madgex.com/oauth-net
- 41. QUESTIONS? OR BEER. Bruce Boughton [email_address] http://bruceboughton.me.uk http://lab.madgex.com/