什么是中BasicAuth的的OAuth和XAuth区别？ [英] What is the difference among BasicAuth,OAuth and XAuth?

问题描述

最近我听说，Twitter将被切断对Twitter的API的基本身份验证，他们对OAuth的移动。

Recently i heard that Twitter will be shutting off the basic authentication on the Twitter API and they move towards OAuth.

所以我想知道的是什么之间的基本验证，OAuth的和XAuth区别？

So i want to know What is the difference among BasicAuth,OAuth and XAuth?

什么是优势，每个验证的缺点？

what is the advantage and disadvantage of each Auth?

推荐答案

Twitter的基本验证所需的应用程序存储用户的用户名和密码，并与每个请求一起发送这些，开发商

Twitter BasicAuth required the developer of an application to store the username and password of the user, and transmit these along with each request.

OAuth是一个开放的标准，用户被重定向到Twitter，填补了他的用户名/密码，有（或已经登录），然后给予通关用他的账户中的应用。该应用程序不会看到用户名/密码。

OAuth is an open standard, where the user is redirected to Twitter, fills in his username/password there (or is already logged in) and then grants clearance for the application to use his account. The application never sees the username/password.

要引用Twitter的网页：

To quote the twitter pages:

基本身份验证是一种责任。
  通过存储登录名和密码，一
  开发商需要额外
  用于安全责任
  这些证书的存储;该
  潜在危害用户如果登录
  凭据泄露或滥用被
  很高。由于许多用户利用
  在许多网站相同的密码，
  为损坏的可能性不
  一定与他们的Twitter停止
  帐户。

Basic Authentication is a liability. By storing logins and passwords, a developer takes on additional responsibilities for the secure storage of those credentials; the potential harm to users if login credentials are leaked or abused is very high. Because many users utilize the same password across many sites, the potential for damage does not necessarily stop with their Twitter account.

请参阅：<一href=\"http://dev.twitter.com/pages/basic_to_oauth\">http://dev.twitter.com/pages/basic_to_oauth

注：我不知道XAUTH任何事情，所以离开，最多给别人回答

Note: I don't know anything about xauth, so leaving that up to others to answer.

这篇关于什么是中BasicAuth的的OAuth和XAuth区别？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！