Details

    • Type: New Feature New Feature
    • Status: Open
    • Priority: Minor Minor
    • Resolution: Unresolved
    • Affects Version/s: None
    • Fix Version/s: 1.1.0 Backlog
    • Component/s: None
    • Labels:
      None

      Description

      Although OAuth is the predominant and most robust authorization scheme for securing APIs, there are still some that simply use HTTP Basic Authentication as the means of authorization. Historically, for instance, Twitter used HTTP Basic before adopting OAuth 1.0a. Presently other providers such as those offered by del.icio.us, Lockerz, and Posterous are still using HTTP Basic for their APIs.

      In order to support connections for those providers, Spring Social should support HTTP Basic-based connections.

      Note, however, that not all APIs secured with HTTP Basic need to have connection support. If the API exposes only non-user-oriented endpoints, it doesn't make much sense to create connections. Urban Airship's Push API, for instance, is designed to send message on behalf of an application, not on behalf of a user. Therefore the Urban Airship API does not require connection support and simply providing the API binding with the application's key and secret (which are its HTTP Basic credentials) is sufficient.

        Activity

        There are no comments yet on this issue.

          People

          • Assignee:
            Craig Walls
            Reporter:
            Craig Walls
          • Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated: