Re: delegated authentication

On 23 Jun 2012, at 17:11, Sebastian Tramp wrote:

> On Sat, Jun 23, 2012 at 11:54:59AM +0200, Andrei Sambra wrote:
> 
> Hi all,
> 
> since we discussed this problem e.g. at the FSW in Berlin and on other places,
> I had some material about webid delegation already finished.
> 
> I've created a wiki page here:
> http://www.w3.org/wiki/WebID/Delegation

Great work! Thanks.

> I've added an extended sequence image and some structure and hope we can take
> this as a base for future discussion. Also note that we have this implemented
> since 3 years in OntoWiki (to allow inter-OntoWiki communication) but with
> other namings. Currently, Phil is reworking this part so that others (e.g.
> Andrei) can use that too (the link is added to the page too)

Great. yes, we should try to come to agree on some naming scheme.
I hope to be able to implement this soonish. The read-write-web rewrite 
in Play 2.0 is moving ahead.... Then we can test and write it out nicely.
But don't let my slowness slow you down :-)

Henry


> 
> Best regards
> 
> Sebastian Tramp
> 
>>> I understand you to be saying above that you are thinking of the secretary
>>> robot connecting to some server  (say on IBM.com),  and then make a request
>>> on that resource but somehow adding a ?id=webid to the url it was going to
>>> request? How would it know that that resource understood the same thing that
>>> you thought you meant when adding ?id=webid to the resource? There may not
>>> even be a resource there. (those are 2 different URLs)
>>> 
>>> That does not seem very RESTful. It would require 2 requests on the
>>> resource: one where you get the version without the ?id=webid fields, and it
>>> returns some information telling you how you can GET a version for the
>>> secretary namely in your case by adding a ?id=webid field (perhaps it
>>> returns a semantically annotated form).
>> 
>> Yes, you are right. I feared that using an extra HTTP header option would
>> require support from the webserver, but I was wrong. Indeed, specifying the
>> identity of the real person in the header would be the best solution.
> 
> 
> 
> 
> -- 
> WebID: http://sebastian.tramp.name

Social Web Architect
http://bblfish.net/

Received on Wednesday, 27 June 2012 06:49:20 UTC