Hello - The following url provides a pretty good overview of oAuth: http://answers.oreilly.com/topic/1381-how-to-use-three-legged-oauth/ I've implemented oAuth before for Twitter integration but I'm still trying to get a deeper understanding of its concepts.
For example, consider the excerpt below from the URL I provided above: "Although the flow appears complex, it is designed to let clients access the user’s data without asking for the user’s credentials such as a username and password. Moreover, the user can
ask the server to revoke the permission to any client." Can you describe the relationship between a client and a user? Also, is the excerpt above written in the context of someone using oAuth to secure the service they're providing or is it written in the
context of someone using oAuth to authenticate to an external service?
dotnetterAMG...
Member
236 Points
520 Posts
oauth confusion
Nov 24, 2012 04:42 PM|LINK
Nico_He
Member
118 Points
29 Posts
Re: oauth confusion
Nov 29, 2012 08:35 AM|LINK
It is different with the difference of authentication you are using.
If Windows authentication, a client can have multiple users, as long as it has Windows auth.
If UserName Password, it is the same user as long as it uses this UserName Password to access the service.
If Certificate, it is distinguish by the certificate.