wwwhisper Tool Review


Published on

A review of the authentication and authorization tool known as wwwhisper. For CS3560 at Ohip University

Published in: Data & Analytics
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

wwwhisper Tool Review

  1. 1. MEGAN NICOL Review of wwwhisper
  2. 2. History of wwwhisper  First started in March of 2012  Created by Jan Wrobel, a senior software engineer at Google  Design Goals  Simplify how web-based resources are shared  Eliminate need for site-specific username and password databases
  3. 3. Comparison to other Tools  Wawp – Uses PHP and MySQL in order to login and restrict web access. Cost - Free  phpSecurePages- A PHP module that restricts access using a user account with password, stored in a MySQL database. Cost - $20  wwwhisper does not require a username, password, or account. Instead, it uses “approved” email addresses (with Persona to verify email address to grant access). Cost – Both Free and Charged ($10 & $25) Options
  4. 4. What is wwwhisper?  wwwhisper is a Heroku add-on tool that is used for authentication and authorization for an application.  Instead of using a username and password in order to limit the use of the app, wwwhisper grants access based on approved email addresses.  It also allows you to easily add or remove admins
  5. 5. Sustainability, Performance, & Pricing  wwwhisper supports Node.js, Ruby Rack and Rails based applications  There are 3 pricing options  Starter – Free, 2 users, admin web interface, authorization lib version monitoring, 10,000 authorization requests per month.  Basic - $10/month, 10 users, custom login page, admin web interface, authorization lib version monitoring, open locations, 1,000,000 authorization requests per month  Plus - $25/month, unlimited users, custom login page, admin web interface, authorization lib version monitoring, open locations, unlimited authorization requests
  6. 6. Benefit/Cost Analysis  For my final project, using wwwhisper will be extremely beneficial. Eliminates the writing of thousands of lines of code. It is free, and supports Node.js, so it can support smaller projects without cost. If more users or requests are needed, I believe that the cost ($10 or $25) are not exorbitant and will pay for themselves in terms of man hours to create and upkeep a user/password database.
  7. 7. Why use wwwhisper?  wwwhisper eliminates the need for writing authentication and authorization code, while still giving the user the ability to limit who can use their web application.  It is extremely simple to quick to install, requiring only 4 lines of code to implement.  Works very well with Persona.
  8. 8. Step 1: Provisioning the Add-On
  9. 9. Step 2: Obtain wwwhisper URL  Using the follow command gives you the ability to communicate with the wwwhisper service.
  10. 10. Step 3: Configuring with Node.js  Incredibly simple!
  11. 11. Demo
  12. 12. Maintenance  If necessary, you will be notified of any security updates that your authorization library may need.
  13. 13. Resources Citations  http://www.bigismore.com/web-development-tools/tools-for-web- authentication-and-authorization/  https://addons.heroku.com/wwwhisper  http://mixedbit.org/blog/2014/01/08/wwwhisper_add_on_for_nod e_js.html  https://wwwhisper-demo.herokuapp.com/  https://github.com/wrr/wwwhisper