A proposal for an authentication system

Not for 'how-to' coding questions but PHP theory instead, this forum is here for those of us who wish to learn about design aspects of programming with PHP.

Moderator: General Moderators

Post Reply

Is my approach about authentication correct?

Poll ended at Mon Sep 07, 2009 12:19 pm

yes, it is
0
No votes
more or less
0
No votes
you are completly wrong
0
No votes
 
Total votes: 0

User avatar
fairsayan
Forum Newbie
Posts: 7
Joined: Sun Dec 21, 2008 6:32 am

A proposal for an authentication system

Post by fairsayan »

I'm developing a new REST application: OpenREST. The first issue I manage is authentication: I'd like to integrate SSO and OpenID approaches. I wrote an article about that in http://www.openrest.eu/docs/authenticat ... -login.php and I'd like some suggests about this topic.
Thnx,
Fair
User avatar
Christopher
Site Administrator
Posts: 13596
Joined: Wed Aug 25, 2004 7:54 pm
Location: New York, NY, US

Re: A proposal for an authentication system

Post by Christopher »

I think you will get some good analysis and feedback in this forum, but not by putting up a poll and requiring people to link to your site, read and then download and study complex software. You need to walk through your design and ask the key questions you want answered.
(#10850)
User avatar
Eran
DevNet Master
Posts: 3549
Joined: Fri Jan 18, 2008 12:36 am
Location: Israel, ME

Re: A proposal for an authentication system

Post by Eran »

Did you hear of OAuth? frankly I didn't find anything differentiating about your proposal. OAuth has been maturing for a quite a while and in use in several high profile services (such as Twitter).
http://oauth.net/
User avatar
fairsayan
Forum Newbie
Posts: 7
Joined: Sun Dec 21, 2008 6:32 am

Re: A proposal for an authentication system

Post by fairsayan »

Hi Pytrin,
I heard about OAuth because is one of the protocol used by Google for authentication. I understood that OAuth and OpenID are two different approaches for the same aim. I'm going to integrate http://openidenabled.com/ not http://oauth.googlecode.com/svn/code/php/ that are two implementations for these two standards.
My aim is a little wider: to develop a component in which OpenID or OAuth (or authentication against LDAP server) can be plugins for a general authentication method.
Fair
User avatar
fairsayan
Forum Newbie
Posts: 7
Joined: Sun Dec 21, 2008 6:32 am

Re: A proposal for an authentication system

Post by fairsayan »

but not by putting up a poll and requiring people to link to your site, read and then download and study complex software
I'm not requiring to download anything, just spending 2 minutes to read my article in which I describe my opinion: please, don't ask me to copy and paste on this forum what is already written in the page I linked.
Post Reply