<div dir="ltr"><br><div class="gmail_extra"><br><br><div class="gmail_quote">On Tue, Jan 21, 2014 at 11:10 PM, Jay Balunas <span dir="ltr"><<a href="mailto:jbalunas@redhat.com" target="_blank">jbalunas@redhat.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div style="word-wrap:break-word"><br><div><div><div class="h5"><div>On Jan 19, 2014, at 10:18 AM, Matthias Wessendorf <<a href="mailto:matzew@apache.org" target="_blank">matzew@apache.org</a>> wrote:</div>
<br><blockquote type="cite"><div dir="ltr"><br><div class="gmail_extra"><br><br><div class="gmail_quote">On Fri, Jan 17, 2014 at 10:04 PM, Jay Balunas <span dir="ltr"><<a href="mailto:jbalunas@redhat.com" target="_blank">jbalunas@redhat.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div style="word-wrap:break-word">Hi All,<div><br></div><div>Sorry all - book mode ;-)</div><div><br></div><div>We've had a couple of threads around keycloak integration (thanks Abstractj) and working together with them (both in our dev list and theirs). I had a meeting (dinner really) with Bill and talked about some possibilities and we're both excited to see what can happen.</div>
<div><br></div><div>I wanted to capture some of those thoughts here (as well as some that already started before), have some discussions, and more importantly talk about next steps (jira's) to get some of this in the pipeline. I'm sure this is not exhaustive either, so please add your own thoughts, brainstorming etc... (for example Cordova plugin perhaps?)</div>
<div><br></div><div>*In no particular order</div><div><br></div><div>A) AeroGear security integration</div><div>** Abstractj already posted and implemented some of these changes</div><div>** <a href="http://aerogear-dev.1069024.n5.nabble.com/aerogear-dev-Keycloak-on-AeroGear-td5663.html" target="_blank">http://aerogear-dev.1069024.n5.nabble.com/aerogear-dev-Keycloak-on-AeroGear-td5663.html</a></div>
<div>** What's left here? Is it plug-able? Does it need to be?</div></div></blockquote><div><br></div><div>The work started by Bruno looks promising. I like that for the login to the UPS Admin UI is being forwarded to the Keycloak server.</div>
<div>As mentioned on the referenced thread, there is a bit of more work needed for the "protection" of the SEND (and likely device registration) URLs.</div><div><br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">
<div style="word-wrap:break-word"><div><br></div><div>B) Crypto key management</div><div>** Server-side encryption key management for client crypto</div><div>** Abstractj had some discussions here</div><div>*** <a href="http://lists.jboss.org/pipermail/keycloak-dev/2013-December/000915.html" target="_blank">http://lists.jboss.org/pipermail/keycloak-dev/2013-December/000915.html</a></div>
<div>*** Where does that stand?</div><div>** Do we need our own impl as well?</div><div><br></div><div>C) UnifiedPush server integration</div><div>** User management, Auth*</div><div>** Do we have our own basic impl for quickstart experience?</div>
<div>** See below for possible combined cartridge options</div></div></blockquote><div><br></div><div>yep, the UPS come in mind and as mentioned in A) Bruno was already actively starting this shortly before XMAS.</div><div>
<br></div><div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div style="word-wrap:break-word"><div><br></div><div>D) Cross-project examples, tutorials, docs, etc...</div>
<div>** TBD</div></div></blockquote><div><br></div><div>Sure, combined docs/tutorials/examples are a good item once we do have a bit more :-) Not sure it makes much sense now, but I can be wrong</div></div></div></div></blockquote>
<div><br></div></div></div><div>Completely agree now is not the time. Just wanted to bring it up for discussion. </div><div class="im"><br><blockquote type="cite"><div dir="ltr"><div class="gmail_extra"><div class="gmail_quote">
<div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">
<div style="word-wrap:break-word"><div><br></div><div>KeyCloak has some things they need as well, that we could work together on. I'm sure the KeyCloak team could add more here :-)</div><div><br></div><div>Z) Device support </div>
<div>** We need it, they need, and others need it</div><div>** Bill would like us to help them (and us at the same time) with this.</div></div></blockquote><div><br></div><div>yeah - that would be an extremely good fit for our Push efforts.</div>
</div></div></div></blockquote><div><br></div></div><div>We'll need someone to setup a mtg, or discuss on the topic. Any takers?</div></div></div></blockquote><div><br></div><div>I can reach out to them, via mailing list, to see what they are up to, regarding "Device support". Not 100% sure which email list is the 'right' choice (cross-postings are IMO a PITA :))</div>
<div><br></div><div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div style="word-wrap:break-word"><div><div class="im"><br><blockquote type="cite"><div dir="ltr">
<div class="gmail_extra"><div class="gmail_quote">
<div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div style="word-wrap:break-word"><div><br></div><div>Y) OpenShift Cartridge for KeyCloak</div><div>** I know this is already on their roadmap</div>
<div>** The work Farah and others has already done, could be very helpful to them</div><div>** We should also discuss the possibility of a joint cartridge</div><div>*** Could be really compelling, especially if you add in device, client key, and push support with native SDKs & examples</div>
<div>*** Would also want separate cartridges as well imo</div></div></blockquote><div><br></div><div>yeah, I see various options here:</div><div>* 'standalone' Keycloak cartridge (on their roadmap already); Would be nice to get Farah involved here as well</div>
<div>* combined cartridge (E.g. Push + Keycloak). If we do actually fully integrate Keycloak into the Push work, IMO this is a required option, to simply include the Keycloak offerings into our Push Cartridge</div></div>
</div></div></blockquote><div><br></div></div><div>Agreed, and I'd like to hear from the keycloak team on this as well. If they have plans for pairing their cartridge with others.</div></div></div></blockquote><div><br>
</div><div>On their list they are currently talking about standalone ones, but later, we might be able to integrate w/ their server piece.</div><div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div style="word-wrap:break-word"><div><div class="im"><br><blockquote type="cite"><div dir="ltr"><div class="gmail_extra"><div class="gmail_quote"><div> </div>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div style="word-wrap:break-word"><div><br></div><div>X) Client SDK support</div><div>** We have client SDKs & could help with their dev (either as part of AeroGear or KeyCloak perhaps)</div>
<div>** Primarily for iOS & Android, but would also want see where JS & Cordova fit.</div></div></blockquote><div><br></div><div>Yes, another good integration item, would be interesting to know their 'requirements'. I think our OAuth2 related work, would be something that's interesting for them as well</div>
</div></div></div></blockquote><div><br></div></div><div>+1</div><div class="im"><br><blockquote type="cite"><div dir="ltr"><div class="gmail_extra"><div class="gmail_quote">
<div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div style="word-wrap:break-word"><div><br></div><div>You start putting all of this together and there is a great set of functionality that really compliments each other well. After we discuss for a while, I'd like to find owners for the various items to help make progress on these. Abstractj is awesome, but not sure he can do it all ;-)</div>
</div></blockquote><div><br></div><div>yes, great work by Bruno w/ getting actively started on this</div></div></div></div></blockquote><div><br></div></div><div>+1</div><div class="im"><br><blockquote type="cite"><div dir="ltr">
<div class="gmail_extra"><div class="gmail_quote"><div><br></div><div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div style="word-wrap:break-word"><span><font color="#888888"><div><br></div><div>-Jay</div></font></span><div><br></div><div>PS: I'll post an email to the keycloak-dev list as well pointing to this thread on our list.</div>
</div><br>_______________________________________________<br>
aerogear-dev mailing list<br>
<a href="mailto:aerogear-dev@lists.jboss.org" target="_blank">aerogear-dev@lists.jboss.org</a><br>
<a href="https://lists.jboss.org/mailman/listinfo/aerogear-dev" target="_blank">https://lists.jboss.org/mailman/listinfo/aerogear-dev</a><br></blockquote></div><br><br clear="all"><div><br></div>-- <br>Matthias Wessendorf <br>
<br>blog: <a href="http://matthiaswessendorf.wordpress.com/" target="_blank">http://matthiaswessendorf.wordpress.com/</a><br>sessions: <a href="http://www.slideshare.net/mwessendorf" target="_blank">http://www.slideshare.net/mwessendorf</a><br>
twitter: <a href="http://twitter.com/mwessendorf" target="_blank">http://twitter.com/mwessendorf</a>
</div></div>
_______________________________________________<br>aerogear-dev mailing list<br><a href="mailto:aerogear-dev@lists.jboss.org" target="_blank">aerogear-dev@lists.jboss.org</a><br><a href="https://lists.jboss.org/mailman/listinfo/aerogear-dev" target="_blank">https://lists.jboss.org/mailman/listinfo/aerogear-dev</a></blockquote>
</div></div><br></div><br>_______________________________________________<br>
aerogear-dev mailing list<br>
<a href="mailto:aerogear-dev@lists.jboss.org">aerogear-dev@lists.jboss.org</a><br>
<a href="https://lists.jboss.org/mailman/listinfo/aerogear-dev" target="_blank">https://lists.jboss.org/mailman/listinfo/aerogear-dev</a><br></blockquote></div><br><br clear="all"><div><br></div>-- <br>Matthias Wessendorf <br>
<br>blog: <a href="http://matthiaswessendorf.wordpress.com/" target="_blank">http://matthiaswessendorf.wordpress.com/</a><br>sessions: <a href="http://www.slideshare.net/mwessendorf" target="_blank">http://www.slideshare.net/mwessendorf</a><br>
twitter: <a href="http://twitter.com/mwessendorf" target="_blank">http://twitter.com/mwessendorf</a>
</div></div>