Let say that I have a website with some information that could be access externally. Those information need to be only change by the respected client. Example: Google Analytic or WordPress API key. How can I create a system that work like that (no matter the programming language)?
Asked
Active
Viewed 2.3k times
5 Answers
18
A number of smart people are working on a standard, and it's called OAuth. It already has a number of sample implementations, so it's pretty easy to get started.
Aeon
- 6,467
- 5
- 29
- 31
-
Agreed. Pownce.com and many other have successfully implemented/produced OAuth, and its the best way, IMO, to get the results your after. – bryanpearson Sep 16 '08 at 21:35
-
The website of OAuth explain well the situation. Thx for the solution. – Patrick Desjardins Sep 16 '08 at 21:36
2
Simple:
- Generate a key for each user
- Deny access for each request without this key
Nikolai Prokoschenko
- 8,465
- 11
- 58
- 97
1
Currently, I use a concatenation of multiple MD5s with a salt. The MD5s are generated off of various concatenations of user data.
Ian P
- 12,840
- 6
- 48
- 70
0
There are also infrastructure services that manage all this for you like http://www.3scale.net (disclosure I work there), http://www.mashery.com and http://www.apigee.com/.
steve
- 1,978
- 13
- 23
0
A good way of generating a key would be to store a GUID (Globally Unique Identifier) on each user record n the database. GUID is going to be unique and almost impossible to guess.
digiguru
- 12,724
- 20
- 61
- 87