These forums have been archived and are now read-only.

The new forums are live and can be found at https://forums.eveonline.com/

EVE Technology Lab

 
  • Topic is locked indefinitely.
 

Federated authenication and claims
Author
Previous Topic Next Topic
knowsitall
Native Freshfood
Minmatar Republic
#1 - 2012-10-31 10:46:05 UTC
Hi

At work we are implementing a new system for security on our single sign on websites using the new claims based security model. See http://en.wikipedia.org/wiki/Claims-based_identity for details, plus google for more indepth.

It occured to me that CPP could (or may even already do) use this type of authenication on the their website. One of the things this allows is the idea of federated authenication. If CPP opened up their STS to allow other people to use their authenication (as facebook appears to now be doing) then fansites and corporation/alliances could use CPP to authenicate. The claims token could have your corporation, alliance and titles in the claims. Then people could secure there out of game services using the same information they already maintain in game. If a user is kicked from there corp it will automatically lock them out of all the out of game services for that corp as well.

Just an idea.


Knowsitall
Steve Ronuken
Fuzzwork Enterprises
Vote Steve Ronuken for CSM
#2 - 2012-10-31 12:59:48 UTC
CREST, when it's released, will have a federated authentication service, based on OAUTH2.

Woo! CSM XI!

Fuzzwork Enterprises

Twitter: @fuzzysteve on Twitter