[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: Re: [wsrp][security] End user identity
Yossi,
Thanks for capturing this discussion, I think you interchanged producer and
consumer in the 3rd sentence of #2 (I think it should be "The producer
could expose in its metadata that it requires the user's zip code, and the
consumer would pass that property to him").
On a side note: It bothers me a bit that the term "Authenticated" is being
used in the case where credentials are being presented to the producer so
that the producer may independently authenticate the user (or use the
credentials for authentication to some other system). To me "Authenticated"
implies the portal has already authenticated the user and is telling the
portlet to trust that authentication. Is it useful for there to be 3 levels
of the portal identification of the End-User (anonymous, identified (eg.
read from a cookie) & authenticated (eg. password entered)) prior to
credentials being made available to the portlet?
Rich
"Tamari, Yossi"
<yossi.tamari@sapp To: "'wsrp@lists.oasis-open.org'"
ortals.com> <wsrp@lists.oasis-open.org>
cc:
04/08/2002 12:38 Subject: [wsrp][security] End user identity
PM
Here is the extended end user identity document according to agenda item
3.5
from the last conference call.
<<End User Identity.doc>> <<End User Identity.htm>> <<End User
Identity.PDF>>
Yossi.
#### End User Identity.doc has been removed from this note on April 08 2002
by Rich Thompson
#### End User Identity.htm has been removed from this note on April 08 2002
by Rich Thompson
#### End User Identity.PDF has been removed from this note on April 08 2002
by Rich Thompson
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC