Authentication and Security

atuttle edited this page Jan 1, 2013 · 4 revisions

Authentication and Security

If fine-grain authentication and security are required, my current recommendation is to use a combination of HTTP Basic Authentication and SSL. You should be able to accomplish this gracefully with onTaffyRequest. As of Taffy 1.3, the method getBasicAuthCredentials() was added to aid in this process.

Note: HTTP Basic Auth is sent in clear-text, and as such, you should NEVER use it in production code without SSL, because it would be trivial for someone sniffing the traffic to see the credentials. (Firesheep)

OAuth

So far I am only experienced as a user of OAuth, not a developer. For that reason, I haven't gotten around to implementing any OAuth functionality in Taffy either, though it is something I would like to do at some point. If you would like to contribute, please get in touch with me or just fork and send me a pull request. :)

Clone this wiki locally
You can’t perform that action at this time.
You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session.
Press h to open a hovercard with more details.