- From: Dyer, Kevin <kevin.dyer@matrixone.com>
- Date: Fri, 20 Sep 2002 11:31:08 -0400
- To: "'Clemm, Geoff'" <gclemm@Rational.Com>, Webdav WG <w3c-dist-auth@w3c.org>
- Message-ID: <9150DCE0CCB4D411A7DB00508BB0DBF202E5C8E3@msx1am.matrixone.net>
>From: Clemm, Geoff [mailto:gclemm@Rational.Com] >I believe the problem statement is: > >The problem: A client wants to check if the current user is >authenticated to do an operation before it has that user provide the >input for that operation, and before it performs expensive >computations to set up the input for that request. With this as the problem statement, I believe that we need to look outside of our own protocol here and take a look at one or more protocols that only deal with the authentication and authorization of users and systems. Why does WebDAV have to come up with the whole package themselves? If we look at the SAML specifications for a moment, it provides the ability to request from a server what a particular user is asking for and get back a complete answer. Yes, it is another call but the user is guaranteed to have a complete answer as to authentication and authorization across a large circle of influence. By adopting SAML as the back-end mechanism we will also pick up a true single sign-on capability for WebDAV, something we've talked about and alluded to but have not considered it in the RFC. Comments, rocks, bottles, or stones? Kevin ____________________________________________ Kevin J. Dyer Sr. Technologist, Product Management kevin.dyer@matrixone.com TEL: 978-322-2011 FAX: 978-322-2040 MOBILE: 978-549-0971 MatrixOne, Inc. Two Executive Drive Chelmsford, MA 01824 USA www.matrixone.com "Changing the way the world brings products to market" (tm) ____________________________________________
Received on Friday, 20 September 2002 11:31:53 UTC