• Type: New Feature
    • Status: Open
    • Priority: Minor
    • Resolution: Unresolved
    • Affects Version/s: None
    • Fix Version/s: 2.0.0 Backlog
    • Component/s: None
    • Labels:


      Although OAuth is the predominant and most robust authorization scheme for securing APIs, there are still some that simply use HTTP Basic Authentication as the means of authorization. Historically, for instance, Twitter used HTTP Basic before adopting OAuth 1.0a. Presently other providers such as those offered by, Lockerz, and Posterous are still using HTTP Basic for their APIs.

      In order to support connections for those providers, Spring Social should support HTTP Basic-based connections.

      Note, however, that not all APIs secured with HTTP Basic need to have connection support. If the API exposes only non-user-oriented endpoints, it doesn't make much sense to create connections. Urban Airship's Push API, for instance, is designed to send message on behalf of an application, not on behalf of a user. Therefore the Urban Airship API does not require connection support and simply providing the API binding with the application's key and secret (which are its HTTP Basic credentials) is sufficient.




            • Assignee:
              habuma Craig Walls
              habuma Craig Walls
            • Votes:
              0 Vote for this issue
              0 Start watching this issue


              • Created: