Mockups of web authentication: the REST rescue

As I stated yesterday about how browsers should authenticate the client in order to let server remain stateless ( no session, no cookies, no tokens ) I wanted to show off a more tangible image of the “authentication sidebar” I mentioned in the post.

I played with balsamiq – for the first time in my life – and here’ my results.

User opens a webpage

( User access its facebook account, you can see the imploded sidebar at the left of the screen )

User logs in

The browser has logged in the user with the last opened client-side session ( browser cache ). Now the user is able to change the account of the website ( facebook ).

User updates account

Everything is transparent to the server: everything the user’s doing is updating a browser’s authentication DB.

User creates an account?

I got some doubts about new account creation ( it always should send a request to the server, so I dunno if it makes sense to keep in on the authentication sidebar ).

In the mood for some more reading?

...or check the archives.