Uploaded image for project: 'OASIS OSLC Lifecycle Integration Core (OSLC Core) TC'
  1. OASIS OSLC Lifecycle Integration Core (OSLC Core) TC
  2. OSLCCORE-7

OSLC Core 3.0 should specify minimal and recommend authentication to improve interoperability

    XMLWordPrintable

    Details

    • Type: Task
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Component/s: None
    • Labels:
      None
    • Resolution:
      Hide

      TC agreed to this change

      Show
      TC agreed to this change

      Description

      Security concerns are also important when managing shared information across organization and tool boundaries. The specific security needs of any application however are difficult to predict. Experience has shown that this varaiability results in complexity for tool integration and therefore some standard mechanism for authentication discovery is highly desired.

      At a minimum, OSLC 3.0 servers MAY protect resources with HTTP Basic Authentication. OSLC Services that use HTTP Basic Authentication SHOULD do so only via SSL.

      OSLC 3.0 servers SHOULD protect resources with OAuth2 Authentication utilizing OpenID Connect.

        Attachments

          Activity

            People

            • Assignee:
              jamsden James Amsden
              Reporter:
              jamsden James Amsden
            • Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: