Link Details

Link 903061 thumbnail
User 478055 avatar

By mitchp
via java.dzone.com
Published: Jan 09 2013 / 08:14

One of the common misconceptions about OAuth is that it provides identity federation by itself. Although supporting OAuth with federated identities is a valid pattern and is essential to many API providers, it does require the combination of OAuth with an additional federated authentication mechanism. Note that I’m not talking about leveraging OAuth for federation (that’s OpenID Connect), but rather, an OAuth handshake in which the OAuth Authorization Server (AS) federates the authentication of the user.
  • 4
  • 0
  • 179
  • 385

Add your comment


Html tags not supported. Reply is editable for 5 minutes. Use [code lang="java|ruby|sql|css|xml"][/code] to post code snippets.

Voters For This Link (4)



Voters Against This Link (0)



    Play Framework
    Written by: Ryan Knight
    Featured Refcardz: Top Refcardz:
    1. Akka
    2. Design Patterns
    3. OO JS
    4. Cont. Delivery
    5. HTML5 Mobile
    1. Akka
    2. JUnit/EasyMock
    3. Java Performance
    4. REST
    5. Java