Great explanation Marcel.<br><br><div class="gmail_quote">On Wed, Dec 1, 2010 at 5:43 PM, Marcel Kolsteren <span dir="ltr"><<a href="mailto:marcel@meandi.nl">marcel@meandi.nl</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
<div style="word-wrap:break-word"><div>Apart from the question about whether to extend Seam Security with support for delegated access mechanisms, there is another thing to take into account. There is a new OAuth 2.0 standard, which is very interesting. It's a lot less complex than OAuth 1.0, and although it's still very new (AFAIK the spec hasn't even been completed), Facebook already implemented it. I already added an external authentication option in the PicketLink Seam module, based on their OAuth 2.0 access point, so that users can be authenticated with their Facebook accounts.</div>
</div></blockquote><div><br></div><div>This is going to be the 80% case. It's all the rave this days. The same goes for Twitter auth.</div><div><br></div><div>And yes, OAuth is a pain for a newcomer. I encountered it's complexity when twitter forced me to introduce OAuth into my shell script that backs up my account. A lot of work to keep the status quo.</div>
<div><br></div><div>-Dan</div><div><br></div></div>-- <br><div>Dan Allen</div>Principal Software Engineer, Red Hat | Author of Seam in Action<br>Registered Linux User #231597<br><br><a href="http://mojavelinux.com" target="_blank">http://mojavelinux.com</a><br>
<a href="http://mojavelinux.com/seaminaction" target="_blank">http://mojavelinux.com/seaminaction</a><br><a href="http://www.google.com/profiles/dan.j.allen" target="_blank">http://www.google.com/profiles/dan.j.allen</a><br>