Changes between Version 27 and Version 28 of Help/Preferences/Connection


Ignore:
Timestamp:
2011-08-16T18:22:34+02:00 (15 years ago)
Author:
skyper
Comment:

Remove OAuth warning

Legend:

Unmodified
Added
Removed
Modified

  • Help/Preferences/Connection

    v27 v28  
    4646
    4747=== Basic authentication ===
     48{{{
     49#!html
     50<p style="background-color:rgb(253,255,221);padding: 10pt; border-color:rgb(128,128,128);border-style: solid; border-width: 1px;">
     51<strong>Warning!</strong><br/>
     52Basic authentication methode is quite unsecure. Please consider to use OAuth.
     53The password is stored in plain text in the JOSM preferences file.
     54Furthermore, it is transferred <strong>unencrypted</strong> in every request sent to the OSM server.
     55<strong>Do not use a valuable password.</strong>
     56</p>
     57}}}
     58
    4859Basic authentication is the basic mechanism to authenticate yourself at the OSM server.
    4960
     
    5869  3. Enter your OSM username and your OSM password
    5970
    60 {{{
    61 #!html
    62 <p style="background-color:rgb(253,255,221);padding: 10pt; border-color:rgb(128,128,128);border-style: solid; border-width: 1px;">
    63 <strong>Warning!</strong><br/>
    64 The password is stored in plain text in the JOSM preferences file.
    65 Furthermore, it is transferred <strong>unencrypted</strong> in every request sent to the OSM server.
    66 <strong>Do not use a valuable password.</strong>
    67 </p>
    68 }}}
    69 
    70 
    7171=== OAuth based authentication ===
    7272[http://oauth.net/ OAuth] is an open protocol to allow secure API authorization  in a simple and standard method from desktop and web applications. The OSM server supports OAuth in addition to basic authentication.
     
    7474OAuth has two major advantages over basic authentication:
    7575  1. Your OSM password doesn't have to be saved in clear text in the JOSM preferences file.
    76   2. Your OSM password has to be transferred '''only once''' over the Internet, in contrast to basic authentication where your OSM password is transferred as part of every request sent from JOSM to the OSM server.
    77 
    78 {{{
    79 #!html
    80 <p style="background-color:rgb(253,255,221);padding: 10pt; border-color:rgb(128,128,128);border-style: solid; border-width: 1px;">
    81 <strong>Warning!</strong><br/>
    82 Currently, the OSM server doesn't offer a secure communication channel. Even if you use OAuth your password is therefore transferred <strong>once in clear text</strong> over the Internet. <strong>Do not use a valuable password</strong> until the OSM server provides a secure communication channel (HTTPS).
    83 </p>
    84 }}}
     76  2. Your OSM password has to be transferred encrypted '''only once''' over the Internet, in contrast to basic authentication where your OSM password is transferred unencrypted as part of every request sent from JOSM to the OSM server.
    8577
    8678For advanced users, OAuth has additional advantages: