<div dir="ltr">Hi Bruno,<div><br></div><div style>while was doing some JIRA "work" :) as well, I felt like entering these items to our AGSEC instance:</div><div style><br></div><div style><a href="https://issues.jboss.org/browse/AGSEC-50">https://issues.jboss.org/browse/AGSEC-50</a><br>
</div><div style><a href="https://issues.jboss.org/browse/AGSEC-51">https://issues.jboss.org/browse/AGSEC-51</a><br></div><div style><a href="https://issues.jboss.org/browse/AGSEC-52">https://issues.jboss.org/browse/AGSEC-52</a><br>
</div><div style><a href="https://issues.jboss.org/browse/AGSEC-53">https://issues.jboss.org/browse/AGSEC-53</a><br></div><div style><a href="https://issues.jboss.org/browse/AGSEC-54">https://issues.jboss.org/browse/AGSEC-54</a><br>
</div><div style><br></div><div style>Perhaps they will need to be converted into "sub-task" of other, related, tickets, but I felt like: "Better hammer them in, instead of forgetting".</div><div style>
<br></div><div style>Greetings,</div><div style>Matthias</div><div><br></div><div><br></div></div><div class="gmail_extra"><br><br><div class="gmail_quote">On Thu, May 23, 2013 at 11:32 PM, Bruno Oliveira <span dir="ltr"><<a href="mailto:bruno@abstractj.org" target="_blank">bruno@abstractj.org</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Mahalo, here comes my proposal to AGSEC roadmap. Disclaimer: some tasks<br>
are related with JS, iOS and Android. I don't want to push tasks to the<br>
other teams, so feel free to assign to me as needed.<br>
<br>
Again, feedback is more than welcome.<br>
<br>
Gist: <a href="https://gist.github.com/abstractj/b50cee4eb8163ccf4c26" target="_blank">https://gist.github.com/abstractj/b50cee4eb8163ccf4c26</a><br>
<br>
# AeroGear Security - Roadmap<br>
<br>
## 1.0.1<br>
<br>
* Bug fixes on examples and updates on AeroGear Security<br>
<br>
* AGSEC-16: Support for multiple roles for AerogearUser (TBD with sblanc)<br>
<br>
* AGSEC-29: Documentation with the overview and description on AeroGear<br>
Security<br>
<br>
* AGSEC-36: Add a method to retrieve all registered users on the<br>
AuthenticationManager interface (TBD with sblanc)<br>
<br>
* AGSEC-36: Add CRUD methods for AerogearUser<br>
<br>
* Initial support for OTP on JS<br>
<br>
## 1.1.0 (Mid June)<br>
<br>
* AGSEC-13: Add HTTP basic authentication support to the client side<br>
<br>
* AGDROID-27 Add HTTP basic authentication support on AeroGear<br>
Android (done by summers)<br>
<br>
* AGIOS-4 Add HTTP basic authentication support on AeroGear iOS<br>
(christos is on it)<br>
<br>
* AGJS-18 Add HTTP basic authentication support on AeroGear.js (I<br>
can help on it, I'm just following the JS roadmap)<br>
<br>
* AGSEC-18: Add session management support<br>
<br>
* AGSEC-27: Provide a detailed specification and which kind of<br>
authentication schemes will be supported<br>
<br>
* AGSEC-28: HOTP support<br>
<br>
* AGDROID-30: Add HOTP support to aerogear-otp-java<br>
<br>
* AGIOS-1: Add HOTP support to aerogear-otp-ios<br>
<br>
* AGSEC-30: Unified Push (Add Client Access Key)<br>
<br>
* AGSEC-31: Evaluate non repudiation for each application on the server<br>
<br>
* AGSEC-34: Unified Push: Sec: Add Security Framework to PushEE<br>
<br>
* AGSEC-48: Add Apache Shiro support on AeroGear Security<br>
<br>
<br>
## 1.2.0 (Mid August)<br>
<br>
* AGSEC-6: Encryption for mobile devices<br>
<br>
* AGDROID-34 Implementation and API usage for android crypto<br>
<br>
* AGIOS-3 Implementation and API usage for iOS crypto<br>
<br>
* AGSEC-15: Add HTTP digest authentication support to the client side<br>
<br>
* AGDROID-10 Add HTTP digest authentication support on AeroGear<br>
Android (Summers)<br>
<br>
<br>
* AGIOS-5 Add HTTP digest authentication support on AeroGear iOS<br>
(Christos)<br>
<br>
* AGIOS-6 Provide a parameter on iOS to enable/disable the usage<br>
of cookies (abstractj)<br>
<br>
* AGJS-23 Add HTTP digest authentication support on AeroGear.js<br>
<br>
* AGSEC-26: Authentication schemes for mobile devices<br>
<br>
* AGSEC-49: Add Hawk support on AeroGear Security<br>
<br>
<br>
<br>
## 1.3.0 (Mid October)<br>
<br>
* AGSEC-2: Secure storage and cache<br>
<br>
* AGSEC-7: Provide a detailed specification about how it should work<br>
<br>
* AGSEC-3: Url and Forms that perform important operations must be<br>
protected by random tokens (hidden nonce values)<br>
<br>
* AGSEC-4: Authentication of RESTful requests per transactions must be<br>
provided as alternative on AeroGear Security<br>
<br>
* AGSEC-14: HTTP signed requests<br>
<br>
* AGSEC-17: Mobile devices blacklist support<br>
<br>
<br>
## 1.4.0 (Mid January)<br>
<br>
* AGSEC-12: Offline authentication<br>
<br>
* AGSEC-25: Include rate-limit to incoming requests from the same origin<br>
<br>
<br>
## 2.0.0<br>
<br>
* AGSEC-5: Social login<br>
<br>
* AGSEC-8: Provide a detailed specification about which methods<br>
will be supported<br>
<br>
* AGSEC-19: Security & privacy policy (geo, user, misc data)<br>
<br>
* Biometric authentication (TBD)<br>
<br>
<br>
<br>
<br>
_______________________________________________<br>
aerogear-dev mailing list<br>
<a href="mailto:aerogear-dev@lists.jboss.org">aerogear-dev@lists.jboss.org</a><br>
<a href="https://lists.jboss.org/mailman/listinfo/aerogear-dev" target="_blank">https://lists.jboss.org/mailman/listinfo/aerogear-dev</a><br>
</blockquote></div><br><br clear="all"><div><br></div>-- <br>Matthias Wessendorf <br><br>blog: <a href="http://matthiaswessendorf.wordpress.com/" target="_blank">http://matthiaswessendorf.wordpress.com/</a><br>sessions: <a href="http://www.slideshare.net/mwessendorf" target="_blank">http://www.slideshare.net/mwessendorf</a><br>
twitter: <a href="http://twitter.com/mwessendorf" target="_blank">http://twitter.com/mwessendorf</a>
</div>