diff options
| author | Elvio Toccalino | 2014-02-20 01:07:39 -0300 |
|---|---|---|
| committer | Elvio Toccalino | 2014-02-20 01:07:39 -0300 |
| commit | 1a4c6f075b33661e9b919c95575a5439aa924dcd (patch) | |
| tree | e267c205784cd42c1b162ef0170fe229c2536e55 /docs/api-guide/authentication.md | |
| parent | 316b7b8786ba0326a8f40f3f5912d4f9fee7f073 (diff) | |
| download | django-rest-framework-1a4c6f075b33661e9b919c95575a5439aa924dcd.tar.bz2 | |
include djangorestframework-httpsignature in the docs
Diffstat (limited to 'docs/api-guide/authentication.md')
| -rwxr-xr-x | docs/api-guide/authentication.md | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/docs/api-guide/authentication.md b/docs/api-guide/authentication.md index dc8e2099..f992b0ce 100755 --- a/docs/api-guide/authentication.md +++ b/docs/api-guide/authentication.md @@ -393,6 +393,10 @@ The [Django OAuth2 Consumer][doac] library from [Rediker Software][rediker] is a JSON Web Token is a fairly new standard which can be used for token-based authentication. Unlike the built-in TokenAuthentication scheme, JWT Authentication doesn't need to use a database to validate a token. [Blimp][blimp] maintains the [djangorestframework-jwt][djangorestframework-jwt] package which provides a JWT Authentication class as well as a mechanism for clients to obtain a JWT given the username and password. +## HTTP Signature Authentication + +HTTP Signature (currently a [IETF draft][http-signature-ietf-draft]) provides a way to achieve origin authentication and message integrity for HTTP messages. Similar to [Amazon's HTTP Signature scheme][amazon-http-signature], used by many of its services, it permits stateless, per-request authentication. [Elvio Toccalino][etoccalino] maintains the [djangorestframework-httpsignature][djangorestframework-httpsignature] package which provides an easy to use HTTP Signature Authentication mechanism. + [cite]: http://jacobian.org/writing/rest-worst-practices/ [http401]: http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.2 [http403]: http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.4 @@ -419,3 +423,7 @@ JSON Web Token is a fairly new standard which can be used for token-based authen [doac-rest-framework]: https://github.com/Rediker-Software/doac/blob/master/docs/integrations.md# [blimp]: https://github.com/GetBlimp [djangorestframework-jwt]: https://github.com/GetBlimp/django-rest-framework-jwt +[etoccalino]: https://github.com/etoccalino/ +[djangorestframework-httpsignature]: https://github.com/etoccalino/django-rest-framework-httpsignature +[amazon-http-signature]: http://docs.aws.amazon.com/general/latest/gr/signature-version-4.html +[http-signature-ietf-draft]: https://datatracker.ietf.org/doc/draft-cavage-http-signatures/ |