How widely supported is OAuth vs. other authentication standards?
This may be something for the community wiki, but I'm gonna ask anyway.
I need to invest in something related to server authentication and there seem to be a few good one开发者_JAVA技巧s out there.
OAuth is used mostly as an authorization mechanism whereas OpenId is the widespread authentication protocol.
Let me explain with an example:
Authentication
:OpenId is used mostly as a substitute for managing user accounts...People hate creating new accounts and remembering passwords for it...so u can use openId for such situations...
Authorization
:If you want to give access to a third party application like lets say another website twitterWithSoccerUI.com....which tweets for you...except it has soccerposter UI....in that case u need to authorize twitterWithSoccerUI.com to tweet on your behalf...
Here's a list...
- Google -> Oauth(For authorization) + OpenId(For authentication)
- Facebook -> OAuth 2.0
- Twitter -> OAuth 1.0a
- Yahoo -> OpenId
- StackExchange -> OpenId
Feel free to add more..
OAuth is an authentication protocol that allows users to approve application to act on their behalf without sharing their password. More information can be found at oauth.net or in the excellent Beginner's Guide to OAuth from Hueniverse.
More on twitter development blog
精彩评论