Click here to Skip to main content
Rate this: bad
good
Please Sign up or sign in to vote.
Hi All,
 
I’m currently looking at security for a new project centred around an ASP.NET WebAPI & Database with various clients like web site built using Javascript, mobile app.
 
I’ve been reading a lot about OAuth, OpenID and how to integrate these which actually seems fairly easy and more or less a requirement for shared APIs in general but the more I’ve read the less I feel I understand where the boundaries of each tech start and finish. I’m still confused about how to provide a ‘Default’ login mechanism that doesn’t use any 3rd party elements.
 
OpenID will let users use another account on someone else’s system to login to my site whilst OAuth will allow safely exposing my services to 3rd parties without proliferating passwords around this I get and really like the idea of but what if someone comes to the site and they don’t have an OpenID and they aren’t a 3rd party app?
 
Is the default fallback tech still FormsAuthentication? Or is it possible / sensible to become an OpenID provider?
 
Thanks,
Posted 26-Sep-12 23:10pm
Jammer14.9K

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

  Print Answers RSS
0 Sergey Alexandrovich Kryukov 359
1 _Amy 230
2 OriginalGriff 200
3 Manfred R. Bihy 200
4 Peter Leow 180
0 OriginalGriff 7,495
1 Sergey Alexandrovich Kryukov 6,402
2 Maciej Los 3,849
3 Peter Leow 3,568
4 CHill60 2,702


Advertise | Privacy | Mobile
Web02 | 2.8.140721.1 | Last Updated 27 Sep 2012
Copyright © CodeProject, 1999-2014
All Rights Reserved. Terms of Service
Layout: fixed | fluid

CodeProject, 503-250 Ferrand Drive Toronto Ontario, M3C 3G8 Canada +1 416-849-8900 x 100