[Opensim-dev] OAuth as authentication and authorisation (capability) specification
Kyle Hamilton
aerowolf at gmail.com
Sat Apr 25 20:04:35 UTC 2009
oh. it looks like the kind of problem that proxy certificates were
supposed to solve.
-Kyle H
On Fri, Apr 24, 2009 at 9:21 PM, Tommi Laukkanen
<tommi.s.e.laukkanen at gmail.com> wrote:
> Hello
>
> OAuth seems to provide OpenSimulator server side authentication and
> authorisation needs. If you are interested in this area please read
> this page and especially the "What is it for"-chapter:
>
> http://oauth.net/about/
>
> "Is OAuth a New Concept?"-chapter is a good read as well.
>
> Essentially it looks like a way to pass capabilities to servers. For
> example you might give opensim region limited access to your
> inventory.
>
> More details can be found from their community wiki:
>
> http://wiki.oauth.net/
>
> Does anyone know other specifications for service level authentication
> and authorisation (as opposed to browser and user level authentication
> like OpenID and SAML)?
>
> As you can see from the wiki front page for example google offers
> standard oauth api. I would like to use my google identity in OpenSim
> as soon as possible :). Someone might want to use AOL, Flickr, Amazon,
> yahoo or facebook which are already supported. The big difference is
> here that you need not pass your secrect password to opensim server or
> go to openid login page at the provider. Idealistviewer could handle
> authentication with google and pass the capability tokens to region
> when connecting to it.
>
> If you want to help Metaverse be realised in shortest possible time
> please study OAuth and alternative approaches if such exist. I believe
> this area needs some OpenSim community focus to get it properly sorted
> for next technology leap. I hear a new version of CableBeach is coming
> out and it would be great to have standards compliant solution in
> capabilities area. By standards compliant I mean a solution which can
> hook to major identity provider players as of now. The claim of this
> post is that it is already possible with OAuth specification which has
> been written by experts of the area.
>
> If all those major players are supporting OAuth I think it is a strong
> signal that the technology is good and mature. My understanding is
> that it is very well compliant with OpenSim needs as well.
>
> -tommi
> _______________________________________________
> Opensim-dev mailing list
> Opensim-dev at lists.berlios.de
> https://lists.berlios.de/mailman/listinfo/opensim-dev
>
More information about the Opensim-dev
mailing list