Tweeting IPAWS (Authentication Gets Serious)
As those who follow my infrequent updates about the transition from DM-OPEN 1.0 to IPAWS OPEN 2.0 know, IPAWS OPEN 2.0 will require a fairly significant increase in attention to security (even in the test environment). So I decided to dig out my old DM-OPEN “tweeter” test code and begin the process of transition to IPAWS-OPEN 2.0. It no longer works, even against DM-OPEN 1.0. Twitter has also increased its security requirement for applications that post. No more basic authentication. You now must use OAuth. So, in order to tweet from IPAWS, I will now have to use WS-Security with x509 signatures to connect to IPAWS-OPEN and OAuth to connect to Twitter. Ah! Life in the Middle! Nobody trusts the middleman. Nor should they, actually. But it sure is a pain in the rear. :-).
