[Standards] Authorization over HTTP

Tomasz Sterna tomek at xiaoka.com
Fri Nov 9 09:07:23 UTC 2007


Dnia 08-11-2007, Cz o godzinie 09:36 -0800, anders conbere pisze:
> As far as I understand it XEP-0070 is for granting a user access to
> restricted resources on a /web host/ based on if they pass
> authentication with the jabber server. I'm actually interested in
> working in a way somewhat backwards to that. I want to grant a web
> server access to a users data on a jabber server if the jabber server
> authenticates the user.

So you want to give access to user private data to a remote web server
via HTTP, right?

Designing protocols how web servers talk to each other, is a job of W3C,
not XSF.
We design ways how XMPP servers and clients talk to each other.


My personal suggestion would be SOAP or XMLRPC frontend to the used data
storage. But this is going offtopic.

-- 
  /\_./o__ Tomasz Sterna
 (/^/(_^^'  Xiaoka.com
._.(_.)_  XMPP: smoku at xiaoka.com




More information about the Standards mailing list