Tweeting IPAWS (Authentication Gets Serious)

As those who follow my infrequent updates about the transition from DM-OPEN 1.0 to IPAWS OPEN 2.0 know, IPAWS OPEN 2.0 will require a fairly significant increase in attention to security (even in the test environment).   So I decided to dig out my old DM-OPEN “tweeter” test code and begin the process of transition to IPAWS-OPEN 2.0.  It no longer works, even against DM-OPEN 1.0.  Twitter has also increased its security requirement for applications that post.  No more basic authentication. You now must use OAuth. So, in order to tweet from IPAWS, I will now have to use WS-Security with x509 signatures to connect to IPAWS-OPEN and OAuth to connect to Twitter.  Ah! Life in the Middle!  Nobody trusts the middleman.  Nor should they, actually. But it sure is a pain in the rear.    :-).

Leave a Reply

You must be logged in to post a comment.