Application distribution and xAuth


#1

Hello there,
I am currently in a development work for small and medium size business (SMB). The product is sold in the market. This has an Integration Framework which is purely Java and XML based standalone engine.

One of the features in this product enable SMB’s to invite their Vendors provide a Request Quote (RFQ)… Say … SMB 1 needs some printers and they are requesting for a Quote from Company A and B. This request needs to be made electronically and responded in the same medium. Traditionally an Email was sent with an attached Excel, word or a PDF. Now we try to generate an HTML Form and send them via email - a link to this page which is hosted in the SMB’s Host server. The HTTPS req/res…currently enables the Company A to fill in this form and reply with a Quote which is then stored in the database… instead of Word / PDF Files. Later these Quotes can be used for analysis to understand market fluctuations if needed.
Now a new feature we would like to add up is… to enable Company A and B to receive an SMS which has a link to this page or the quote in the sms itself…and they can reply instantly where ever they are. We thought of using Twitter as one can receive SMS and URL. Since it is a desktop application,

  1. The application would be distributed to customers - SMB’s if they would have to get requests from their vendors - then SMB’s would have to have twitter accounts and then tweet their RFQ’s directly to their vendors ?

  2. I was wondering what kind of authentication mechanism would be best in this use case. After reading your documents on Authentication, I think xAuth is more fitting. What are your suggestion here ?.

as we are in the very early stage… any help would be highly beneficial for a good design :).

Thank and regards
Domnic Savio