Posted 12/30/2009 - 14:30 by Blythe
We build mashups for the DoD that use PKI and two-way SSL from the browser to the mashup server. So, given the right mashup platform, mashups can be highly secure.
- Login or register to post comments
- Email this page
Our scenario is that we would like to use client certificate authentication between the end-users and the mashup server. We would also like to be able to pass this certificate authentication through to the data providers. These might be SOAP or REST web services, or could even be files available over https. Is this a scenario that anyone has addressed, or has any thoughts on how to approach?
An alternative might be to use an SSO approach where the mashup server and the data providers are all secured using the same SSO provider. Is this an option and does anyone have any ideas on how this might be implemented?