dominoGuru.com
Your Development & Design Resource
Coming Soon -- Project Dauth: IBM Lotus Notes Domino Oauth-like Token Authentication Engine
02/02/2010 06:55 AM by Chris Toohey
I've mentioned my work recently with Oauth, and while working on SOTU -- my Remote Console Command Utility for IBM Lotus Notes Domino -- I found myself liking the token-based authentication architecture more and more. Now, understanding that most enterprises won't rush to adopt Oauth for fear (and quite frankly lack of understanding) that such an authentication architecture would allow any OpenID-like account access to their systems... I've decided to make an Oauth-like utility for the IBM Lotus Notes Domino Server.
Instead of building an Oauth-like authentication engine into SOTU which -- quite frankly -- could get messy, I'm going to bundle Dauth with the next release of SOTU and keep Dauth as a stand-alone project. This way, you can leverage the solution in any number of Domino HTTP RPC-style applications. Hell, you could technically use Dauth for any HTTP-delivered IBM Lotus Notes Domino Application...
The overall logic architecture will remain the same:
Once authenticated via standard Domino HTTP authentication, the user will request a Dauth token or key. This key, a randomly generated hash, is uniquely bound to the user.
Then in applications that use Dauth, you simply supply your key. I envision that in the local client applications -- in the case of SOTU, the mobile device application -- you'll store and save your key within the client itself, almost like a "remember me" function.
On an HTTP Request to the target service, the key is offered as part of the submission. The first action then is to check the Dauth User Library, both to verify that this is an active key and to confirm the level of execution rights the corresponding user has to the target service.
... and that's pretty much it.
Dauth will allow you to lock out accounts, change keys as needed, and perhaps more should it need any other functionality. I expect to have an example online and ready for eager testing soon, so keep interested eyes open for news of the v0.1 BETA release!
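The token flow described above (a key issued after Domino HTTP authentication, checked against the user library as the first action on each request, with lockout and key change), as an added Python example. It is not Dauth's code: the class and method names, the rights levels, and the choice to store only a SHA-256 digest of each key are assumptions.

```python
import hashlib
import secrets

# Hypothetical rights levels; the post does not define Dauth's actual levels.
RIGHTS = {"none": 0, "read": 1, "execute": 2}


class DauthUserLibrary:
    """In-memory stand-in for the 'Dauth User Library' (assumed design)."""

    def __init__(self):
        self._by_digest = {}  # sha256(key) -> record; raw keys are never stored

    @staticmethod
    def _digest(key):
        return hashlib.sha256(key.encode("utf-8")).hexdigest()

    def issue(self, user, rights):
        """Call only after the user has passed standard HTTP authentication."""
        self.revoke(user)                # one key per user: old keys are dropped
        key = secrets.token_urlsafe(32)  # 256 bits from the OS CSPRNG
        self._by_digest[self._digest(key)] = {
            "user": user, "rights": RIGHTS[rights], "active": True}
        return key                       # handed to the client once

    def revoke(self, user):
        """Key change: remove every key bound to this user."""
        self._by_digest = {d: r for d, r in self._by_digest.items()
                           if r["user"] != user}

    def lock(self, user):
        """Account lockout: the key stays on record but stops verifying."""
        for rec in self._by_digest.values():
            if rec["user"] == user:
                rec["active"] = False

    def authorize(self, key, needed):
        """First action on a request: return the user name, or None to deny."""
        rec = self._by_digest.get(self._digest(key or ""))
        if rec is None or not rec["active"]:
            return None                  # unknown, replaced or locked key
        if rec["rights"] < RIGHTS[needed]:
            return None                  # valid key, insufficient rights
        return rec["user"]
```

Only the digest is kept server-side, so a copy of the library does not reveal usable keys. The key itself is a bearer credential stored on the client and belongs on HTTPS requests only.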