[wp-xmlrpc] Any interest in OAuth?

Allan Odgaard m123ixd02 at sneakemail.com
Sun Jun 15 05:16:13 GMT 2008


On 15 Jun 2008, at 06:53, Joseph Scott wrote:

> [...]

So if I understand you correctly, you are swayed by the fine-grained  
security.

You don’t want to use the existing user system for this, because each  
user has its own ID, and you want the posts from different clients to  
appear as the same user ID.

So why not extend the user system to have per-user aliases (with its  
own password) and provide all these crazy security controls per alias?

This would allow all existing third party clients to reap the benefits  
of the new fine-grained security.

Personally though, I doubt many/any would use it, even if wrapped in  
OAuth¹. As for limiting posting to a certain IP, I already have apache  
limit wp-admin access to my IP :)

Btw: how many clients do you have posting to your blog?



¹ OAuth is really just a protocol to create such an alias.



More information about the wp-xmlrpc mailing list