Blog

OAuth for authorization

What OpenID is for authentication is OAuth for authorization. So much for the probably over simplified intro.

The OAuth protocol is getting some momentum but is currently not so "big" as OpenID. Still, it's being mentioned more and more.

A use case scenario :
OAuth is defined as a an open protocol to allow secure API authentication in a simple and standard method. Don’t be tempted to think that OAuth implies open authentication. It doesn’t. It is closer to open authorization. Let’s say you are registering as a delegate on a conference website. With OAuth it is possible for the conference website to automatically add the event to your google calendar or yahoo calendar with your consent (assuming google and yahoo support OAuth). How does it work ? Well, once you decide to let the conference website add an event to your google calendar, you get redirected to google. On google , you explicitly authorize the conference website to modify your calendar. After this authorization, the conference website will have permission to modify your calendar data.

More info
http://portalzone.blogspot.com/2007/12/openid-oauth-complimentary-or-competing.html

http://oauth.net

Technology Technology

Op 22/07/2008 door Orbit One

.NET 3.5, Visual Studio and TFS SP1 released

Technology Technology

Op 22/07/2008 door Orbit One

SQL Server 2008 is ready

SLQ Server is RTM = Release To Manufacturing which means only the CD has to be pressed and packaged. It can already be downloaded from MDDN
 
New features that I think are worth mentioning :
  • Resoure governer
    Example : users get 70% of the CPU time, the rest 30%. This means that when no users are active the rest gets 100% CPU time. Only when the 2 groups are avtive at the same time Resoure Governer will kick in and devide the CPU time
  • IntelliSense when typing sql
    ... Finaly.
  • Change Tracking
    Example: An external site wants to subscribe to events. By using Change Tracking you can sent only the updates/delete/creates that happen agter the last synchronisation. In the past you have to program this all yourself, now this is not necessary anymore.

 

Op 22/07/2008 door Orbit One