New proposal for section 5.2.9.3 "Authentication with Tokens for Browser Clients"

XMLWordPrintable

    • Type: Improvement
    • Resolution: Applied
    • Priority: Major
    • None
    • Affects Version/s: V1.1
    • Component/s: Browser Binding
    • None

      The web browser authentication method in section 5.2.9.3 has been criticized as difficult to implement.

      I would like to propose an alternative. My proposal is here:
      http://www.oasis-open.org/apps/org/workgroup/cmis/download.php/46128/BrowserBindingTokens.pdf

      This alternative is easy to use by application and moderately difficult to implement by servers. I have built a sample implementation in Java. Contact me if you are interested.

      This proposal also affects other parts of the browser binding chapter. For example, the field "cmistransaction" in sections 5.4.2.18 and 5.4.4.4 should be replaced with the tokens described in the proposal.

            Assignee:
            Florian Müller (Inactive)
            Reporter:
            Florian Müller (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

              Created:
              Updated:
              Resolved: