You're running up against the differences between authentication and authorization Facebook Connect (and other OAUTH2.0 schemes) is basically an authentication system. It says that the user is who they say they are, and by extension is a trusted system in and of itself. Thus you rely that they truly are who they say In effect though, AFAIK, you cannot limit Facebook Connect's ability to authenticate a user That said, your problem is not authentication, but rather it is one of authorization.
Basically, you only want certain people to have access to the private portions of your site What this means is that you need (and this is really, just a single possible solution, and one which I thought up while typing this) basically a holding queue for all new connections, and then grant each connection a specific set of authorized privileges--or deny them those privileges. Yes, it is a manual process, but it's one that you could pre-fill based on a known list of Facebook Id's The short answer is that, Facebook Connect just tells you that Person A is Person A. What that means to your site, and access rights within it, is still up to you and your site.
You're running up against the differences between authentication and authorization. Facebook Connect (and other OAUTH2.0 schemes) is basically an authentication system. It says that the user is who they say they are, and by extension is a trusted system in and of itself.
Thus you rely that they truly are who they say. In effect though, AFAIK, you cannot limit Facebook Connect's ability to authenticate a user. That said, your problem is not authentication, but rather it is one of authorization.
Basically, you only want certain people to have access to the private portions of your site. What this means is that you need (and this is really, just a single possible solution, and one which I thought up while typing this) basically a holding queue for all new connections, and then grant each connection a specific set of authorized privileges--or deny them those privileges. Yes, it is a manual process, but it's one that you could pre-fill based on a known list of Facebook Id's.
The short answer is that, Facebook Connect just tells you that Person A is Person A. What that means to your site, and access rights within it, is still up to you and your site.
Definitely helpful, thanks! I also found this link: cakebaker.42dh. Com/2008/04/01/….
OAuth means authorizing between websites. Authorization in my own website will have to be my own responsibility, it seems. – Peter Nov 24 '10 at 17:55.
I cant really gove you an answer,but what I can give you is a way to a solution, that is you have to find the anglde that you relate to or peaks your interest. A good paper is one that people get drawn into because it reaches them ln some way.As for me WW11 to me, I think of the holocaust and the effect it had on the survivors, their families and those who stood by and did nothing until it was too late.