[aerogear-dev] Proposal - Re: REST: auth: user registration endpoint

Bruno Oliveira bruno at abstractj.org
Tue Jan 15 13:34:03 EST 2013 

+1 https://github.com/aerogear/aerogear-security/pull/12 


-- 
"The measure of a man is what he does with power" - Plato
-
@abstractj
-
Volenti Nihil Difficile



On Tuesday, January 15, 2013 at 1:12 PM, Summers Pittman wrote:

> On 01/15/2013 01:35 AM, Matthias Wessendorf wrote:
> > It was brought while discussing the "old" thread. 
> > 
> > 1) keep the clients to use "auth/enroll" 
> > 2) change the _library_ (ag-security) to follow the same pattern
> > 3) keep the TODO (auth/register) and show that the clients can override the default (shows the flexible API)
> > 
> > If we are all OK with this, I will file a JIRA for the ag-security change and will move on with it. 
> > 
> +1
> > -M 
> > 
> > 
> > On Tue, Jan 15, 2013 at 7:21 AM, Daniel Bevenius <daniel.bevenius at gmail.com (mailto:daniel.bevenius at gmail.com)> wrote:
> > > >So if a user wants to use our server-side bits, he always has to override for the registration - which is weird, IMO 
> > > Yeah, that is true. And also we could simply provide examples in a user guide, so my point in the first post is not really valid. 
> > > I'm changing my mind to +1 :)
> > > 
> > > 
> > > 
> > > 
> > > 
> > > On 15 January 2013 07:15, Matthias Wessendorf <matzew at apache.org (mailto:matzew at apache.org)> wrote:
> > > > but aren't two different defaults an odd API ? 
> > > > 
> > > > So if a user wants to use our server-side bits, he always has to override for the registration - which is weird, IMO 
> > > > 
> > > > -M 
> > > > 
> > > > 
> > > > On Tue, Jan 15, 2013 at 6:57 AM, Daniel Bevenius <daniel.bevenius at gmail.com (mailto:daniel.bevenius at gmail.com)> wrote:
> > > > > >is your -1 only for the TODO demo app, or also for the ag-security library? 
> > > > > I think we could keep the server side in the both the TODO app and ag-security as is, and have overrides in the client examples which might be useful for users to see examples of. 
> > > > > 
> > > > > 
> > > > > 
> > > > > On 15 January 2013 06:45, Matthias Wessendorf <matzew at apache.org (mailto:matzew at apache.org)> wrote:
> > > > > > 
> > > > > > 
> > > > > > On Tue, Jan 15, 2013 at 6:09 AM, Daniel Bevenius <daniel.bevenius at gmail.com (mailto:daniel.bevenius at gmail.com)> wrote:
> > > > > > > -1 Let the client override this. I think it might be nice to show that this can be overriden and have an example to point users to. 
> > > > > > 
> > > > > > 
> > > > > > is your -1 only for the TODO demo app, or also for the ag-security library? 
> > > > > > 
> > > > > > -M 
> > > > > > 
> > > > > >  
> > > > > > > 
> > > > > > > I've created https://issues.jboss.org/browse/AEROGEAR-816 so that we can track this. 
> > > > > > > 
> > > > > > > 
> > > > > > > 
> > > > > > > On 14 January 2013 20:39, Douglas Campos <qmx at qmx.me (mailto:qmx at qmx.me)> wrote:
> > > > > > > > nice idea
> > > > > > > > 
> > > > > > > > -1 to TODO changing
> > > > > > > > 
> > > > > > > > On 14/01/2013, at 16:54, Summers Pittman <supittma at redhat.com (mailto:supittma at redhat.com)> wrote:
> > > > > > > > 
> > > > > > > > > +1 on having security be enroll.
> > > > > > > > >
> > > > > > > > > -1 on having TODO be enroll.  This is because the TODO app should
> > > > > > > > > demonstrate that there is the ability to change things.
> > > > > > > > >
> > > > > > > > > On 01/14/2013 01:50 PM, Kris Borchers wrote:
> > > > > > > > >> +1
> > > > > > > > >>
> > > > > > > > >> On Jan 14, 2013, at 12:49 PM, Matthias Wessendorf <matzew at apache.org (mailto:matzew at apache.org)> wrote:
> > > > > > > > >>
> > > > > > > > >>> Hi,
> > > > > > > > >>>
> > > > > > > > >>> our client libries are using the "auth/enroll" value for the actual
> > > > > > > > >>> registration request, examples:
> > > > > > > > >>> - https://github.com/aerogear/aerogear-ios/blob/master/AeroGear-iOS/AeroGear-iOS/security/AGAuthConfiguration.m#L40
> > > > > > > > >>> - https://github.com/aerogear/aerogear-js/blob/master/src/authentication/adapters/rest.js#L212
> > > > > > > > >>> - https://github.com/aerogear/aerogear-android/blob/master/src/org/jboss/aerogear/android/authentication/AuthenticationConfig.java#L29
> > > > > > > > >>>
> > > > > > > > >>> However, the server uses a different default ("auth/register"):
> > > > > > > > >>> - https://github.com/aerogear/aerogear-security/blob/master/src/main/java/org/jboss/aerogear/security/rest/service/AuthenticationService.java#L48
> > > > > > > > >>> - https://github.com/aerogear/TODO/blob/master/server/src/main/java/org/aerogear/todo/server/security/rest/AuthenticationEndpoint.java#L51
> > > > > > > > >>>
> > > > > > > > >>> It was a decision from the past, that we have this "model", however -
> > > > > > > > >>> rethinking causes some concerns... Is that really ideal? Wouldn't it
> > > > > > > > >>> be just
> > > > > > > > >>> better to have matching default, on the client AND the server ?
> > > > > > > > >>>
> > > > > > > > >>> Please vote:
> > > > > > > > >>> [+1] let's change the server default to match the "enroll" setting
> > > > > > > > >>> from the client libraries
> > > > > > > > >>> [0] I don't care
> > > > > > > > >>> [-1] nah, let's keep all as is, since the client can override everything
> > > > > > > > >>>
> > > > > > > > >>>
> > > > > > > > >>> Cheers!
> > > > > > > > >>> Matthias
> > > > > > > > >>>
> > > > > > > > >>> --
> > > > > > > > >>> Matthias Wessendorf
> > > > > > > > >>>
> > > > > > > > >>> blog: http://matthiaswessendorf.wordpress.com/
> > > > > > > > >>> sessions: http://www.slideshare.net/mwessendorf
> > > > > > > > >>> twitter: http://twitter.com/mwessendorf
> > > > > > > > >>> _______________________________________________
> > > > > > > > >>> aerogear-dev mailing list
> > > > > > > > >>> aerogear-dev at lists.jboss.org (mailto:aerogear-dev at lists.jboss.org)
> > > > > > > > >>> https://lists.jboss.org/mailman/listinfo/aerogear-dev
> > > > > > > > >>
> > > > > > > > >> _______________________________________________
> > > > > > > > >> aerogear-dev mailing list
> > > > > > > > >> aerogear-dev at lists.jboss.org (mailto:aerogear-dev at lists.jboss.org)
> > > > > > > > >> https://lists.jboss.org/mailman/listinfo/aerogear-dev
> > > > > > > > >
> > > > > > > > > _______________________________________________
> > > > > > > > > aerogear-dev mailing list
> > > > > > > > > aerogear-dev at lists.jboss.org (mailto:aerogear-dev at lists.jboss.org)
> > > > > > > > > https://lists.jboss.org/mailman/listinfo/aerogear-dev
> > > > > > > > 
> > > > > > > > 
> > > > > > > > _______________________________________________
> > > > > > > > aerogear-dev mailing list
> > > > > > > > aerogear-dev at lists.jboss.org (mailto:aerogear-dev at lists.jboss.org)
> > > > > > > > https://lists.jboss.org/mailman/listinfo/aerogear-dev
> > > > > > > 
> > > > > > > 
> > > > > > > _______________________________________________
> > > > > > > aerogear-dev mailing list
> > > > > > > aerogear-dev at lists.jboss.org (mailto:aerogear-dev at lists.jboss.org)
> > > > > > > https://lists.jboss.org/mailman/listinfo/aerogear-dev
> > > > > > > 
> > > > > > 
> > > > > > 
> > > > > > 
> > > > > > -- 
> > > > > > Matthias Wessendorf 
> > > > > > 
> > > > > > blog: http://matthiaswessendorf.wordpress.com/
> > > > > > sessions: http://www.slideshare.net/mwessendorf
> > > > > > twitter: http://twitter.com/mwessendorf 
> > > > > > _______________________________________________
> > > > > > aerogear-dev mailing list
> > > > > > aerogear-dev at lists.jboss.org (mailto:aerogear-dev at lists.jboss.org)
> > > > > > https://lists.jboss.org/mailman/listinfo/aerogear-dev
> > > > > > 
> > > > > 
> > > > > 
> > > > > _______________________________________________
> > > > > aerogear-dev mailing list
> > > > > aerogear-dev at lists.jboss.org (mailto:aerogear-dev at lists.jboss.org)
> > > > > https://lists.jboss.org/mailman/listinfo/aerogear-dev
> > > > > 
> > > > 
> > > > 
> > > > 
> > > > -- 
> > > > Matthias Wessendorf 
> > > > 
> > > > blog: http://matthiaswessendorf.wordpress.com/
> > > > sessions: http://www.slideshare.net/mwessendorf
> > > > twitter: http://twitter.com/mwessendorf 
> > > > _______________________________________________
> > > > aerogear-dev mailing list
> > > > aerogear-dev at lists.jboss.org (mailto:aerogear-dev at lists.jboss.org)
> > > > https://lists.jboss.org/mailman/listinfo/aerogear-dev
> > > > 
> > > 
> > > 
> > > _______________________________________________
> > > aerogear-dev mailing list
> > > aerogear-dev at lists.jboss.org (mailto:aerogear-dev at lists.jboss.org)
> > > https://lists.jboss.org/mailman/listinfo/aerogear-dev
> > > 
> > 
> > 
> > 
> > -- 
> > Matthias Wessendorf 
> > 
> > blog: http://matthiaswessendorf.wordpress.com/
> > sessions: http://www.slideshare.net/mwessendorf
> > twitter: http://twitter.com/mwessendorf 
> > 
> > _______________________________________________ aerogear-dev mailing list aerogear-dev at lists.jboss.org (mailto:aerogear-dev at lists.jboss.org) https://lists.jboss.org/mailman/listinfo/aerogear-dev 
> _______________________________________________
> aerogear-dev mailing list
> aerogear-dev at lists.jboss.org (mailto:aerogear-dev at lists.jboss.org)
> https://lists.jboss.org/mailman/listinfo/aerogear-dev
> 
> 


-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/aerogear-dev/attachments/20130115/421a831d/attachment-0001.html

More information about the aerogear-dev mailing list