Aleksandr Konstantinov wrote:
On Tuesday 30 September 2008 18:42, Donal K. Fellows wrote:
Christopher Smith wrote:
Could you not employ X.509 client/server authentication at the TLS layer? I believe you can access the certificate information when processing the HTTP operations.
Just wondering....
That sounds like an entirely practical way of doing it to me, especially as there is rather a lot of in-service experience out there with handling authentication and authorization for access to HTTP operations. There might be a few tricky bits of course (notably how to handle telling the client how to authenticate to the server, though in the fallback case of username/password all that stuff exists already) but it still seems quite possible.
How about delegation? Will it require additional mapping? Or should it be handled in a separate layer?
I think from a standpoint of the Grid embedded into the Web, it is interesting to look at what the Web community proposes in this area - for example, OpenID for 1st party, and OAuth for 3rd party (including delegation). (?) Roger
A.K.
I like the idea that the interfaces we define are fundamentally independent of how they are interacted with. That has the architectural equivalent of Good Code Smell. :-)
Donal. -- ogsa-bes-wg mailing list ogsa-bes-wg@ogf.org http://www.ogf.org/mailman/listinfo/ogsa-bes-wg
-- ogsa-bes-wg mailing list ogsa-bes-wg@ogf.org http://www.ogf.org/mailman/listinfo/ogsa-bes-wg
-- Dr. Roger Menday Juelich Supercomputing Centre Institute for Advanced Simulation Forschungszentrum Juelich GmbH 52425 Juelich, Germany Email: r.menday@fz-juelich.de Skype: yadnem Phone: +49 2461 611588 http://www.fz-juelich.de/jsc JSC is the coordinator of the John von Neumann Institute for Computing (NIC) and member of the Gauss Centre for Supercomputing (GCS) ------------------------------------------------------------------- ------------------------------------------------------------------- Forschungszentrum Jülich GmbH 52425 Jülich Sitz der Gesellschaft: Jülich Eingetragen im Handelsregister des Amtsgerichts Düren Nr. HR B 3498 Vorsitzende des Aufsichtsrats: MinDir'in Bärbel Brumme-Bothe Geschäftsführung: Prof. Dr. Achim Bachem (Vorsitzender), Dr. Ulrich Krafft (stellv. Vorsitzender), Prof. Dr. Harald Bolt, Dr. Sebastian M. Schmidt ------------------------------------------------------------------- -------------------------------------------------------------------