[aerogear-dev] AG Security questions

Bruno Oliveira bruno at abstractj.org
Thu Sep 26 09:14:40 EDT 2013


Answers inline.
> Hylke Bons <mailto:hbons at redhat.com>
> September 26, 2013 8:13 AM
> Hey everyone,
>
> I'm looking at http://aerogear.org/download/ and am somewhat confused.
> Some questions about the Security part of AeroGear:
>
> 1. Is there a reason why OTP are separate libraries, instead of a
> namespace on the existing AG libs?
Yes there is. You don't need to bring the bits from AG Security to
Android devices like PicketLink for example. But is possible to use
aerogear-otp-java on the client (Android) and the server (JEE apps)
> 2. What's the difference between "Security Providers" and "Alternative
> authentication methods"?
Security Providers: PicketLink, Apache Shiro...<your favorite security
framework here>

Alternative authentication methods: Hawk, Mozilla Persona...etc
> 3. Are Hawk and Java-OTP server modules? 
Not really. Hawk is a server authentication method for AGSecurity
(https://github.com/hueniverse/hawk) and aerogear-otp-java can be used
on the server/client as I mentioned.
> What about iOS-OTP? That sounds
> like another client lib?
Yes it is, is another client lib. Each platform must have their own
implementation for security.
>
> I hope I got this right, if not, please enlighten me.
I hope that helps.
>
> Thanks,
>
> Hylke
>
> _______________________________________________
> aerogear-dev mailing list
> aerogear-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/aerogear-dev

-- 
abstractj


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 495 bytes
Desc: OpenPGP digital signature
Url : http://lists.jboss.org/pipermail/aerogear-dev/attachments/20130926/67d95843/attachment.bin 


More information about the aerogear-dev mailing list