OAuth 2.0 : The Path to Heaven from Hell? - Tuesday, August 21, 2012

  • By Kushlani De Silva
  • 21 Aug, 2012

The Pre OAuth era was largely dominated by the password anti-pattern where you had to share credentials with third parties to give access to resources you own. This was no more tolerated by the community and vendors were pushed to implement their own protocols, making Google, Flickr, and Yahoo! come up with their own. OAuth 1.0 was an aggregated result of all those individual efforts. In 2009 the community contributed OAuth to the IETF and since then it was developed under IETF.

OAuth 2.0 is the youngest member in the OAuth family and although it borrows the same concepts as OAuth 1.0, they are not compatible. The tension on OAuth 2.0 started to grow as Eran Hammer, resigned from his role as the lead author and editor, withdrew his name from the OAuth 2.0 specification, and left the working group. He argues in his now famous blog post on OAuth 2.0, when compared with OAuth 1.0, the 2.0 specification is more complex, less interoperable, less useful, more incomplete, and most importantly, less secure.

Join Prabath Siriwardena and Johann Nallathamby on this webinar as they explains the pre-OAuth era, OAuth 1.0a and OAuth 2.0 - concepts. similarities and differences. If you want to find your way out of the many complexities of OAuth 2.0 then this webinar is for you!

Prabath Siriwardena Senior Architect Prabath Siriwardena joined WSO2 in November 2007. He is an architect and chair of the integration technologies management committee, focusing on application security and identity management. In addition to his product development efforts, Prabath has provided technology consulting on customer engagements, working on the integration of OpenID support.
Johann Nallathamby Software Engineer Johann joined WSO2 in December 2011 as Software Engineer. A B.Sc. Engineering graduate from the department of Computer Science & Engineering, University of Moratuwa, Johann is also a Sun Certified Java Programmer and is currently reading for his certification in management accountancy from the Chartered Institute of Management Accountants.
Webinar Recording