-
Type: Task
-
Status: Resolved
-
Priority: Major
-
Resolution: Fixed
-
Component/s: None
-
Labels:None
-
Resolution:
Security concerns are also important when managing shared information across organization and tool boundaries. The specific security needs of any application however are difficult to predict. Experience has shown that this varaiability results in complexity for tool integration and therefore some standard mechanism for authentication discovery is highly desired.
At a minimum, OSLC 3.0 servers MAY protect resources with HTTP Basic Authentication. OSLC Services that use HTTP Basic Authentication SHOULD do so only via SSL.
OSLC 3.0 servers SHOULD protect resources with OAuth2 Authentication utilizing OpenID Connect.