[keycloak-dev] M1 release scope

Stian Thorgersen stian at redhat.com
Thu Sep 19 04:39:16 EDT 2013 

Bill, I assume you would be happy with Marek adding MongoDB to M1 as long as we take on any work related to it? 

It's important for the MBaaS project.

----- Original Message -----
> From: "Marek Posolda" <mposolda at redhat.com>
> To: "Bill Burke" <bburke at redhat.com>
> Cc: keycloak-dev at lists.jboss.org
> Sent: Thursday, 19 September, 2013 9:28:12 AM
> Subject: Re: [keycloak-dev] M1 release scope
> 
> On 19.9.2013 03:11, Bill Burke wrote:
> > We need to decide what we want to do for M1.  Here's my stab at it.
> > Let's discuss in email first as much as we can and then have a hangout
> > sometime next week to go over it and nail things down.
> >
> > First and foremost.  We have to focus.  No new features.  No playing
> > around.  For example:  no adding refresh token support.  No client-cert
> > support.  No changes to protocols. No new backends.  Let's just use
> > Picketlink JDBC.  No 'forgot password' using SMS, etc... You get the
> > picture.
> At this moment, I have working MongoDB backend and I would like to send
> PR with it by the end of this week. I just need to adapt this with
> latest changes in RealmModel and UserModel interfaces (added new fields
> related to requiredActions and totp).
> 
> TBH I don't know why to not have it as part of M1? I am not seeing any
> disadvantages for people to have possibility to choose from more
> backends? Another thing is that it is easier for people to see or edit
> DB content directly in MongoDB database. Of course it's not so easy as
> directly edit XML/JSON file, but much easier than Picketlink IDM DB
> schema, which is quite complex.
> 
> I am seeing just one disadvantage that every change in model interfaces
> needs to be adapted to both backend implementations, but you can always
> workaround this by implement stuff just for Picketlink and create JIRA
> for me to adapt changes to MongoDB backend. I can also disable MongoDB
> unit tests by default (ATM I have them enabled by default in my branch)
> 
> Marek
> 
> >
> > Required:
> >
> > * Social Broker login with as many providers as possible.  Minimally
> > Google and Facebook.
> > * SSO and SLO (Single Log Out)
> > * Password and TOTP login
> > * OAuth Client Grant support
> > * Example with apps using all o these features
> > * Keycloak website setup and finalized
> > * Online video walking through a demonstration of features
> > * Online video walking though how to configure it
> > * JBoss 7.1.x Community and JBoss EAP 6.1 support
> >
> > Knowing this there are two paths we can take.  We can either include an
> > Admin UI in M1 or not.  IMO, if we do *NOT* have an Admin UI for M1, we
> > probably need to not have registration or account management.  Here's
> > what it might look like:
> >
> > Option #1: No Input UIs
> >
> > * A read-only XML/JSON file-based backend.  Users must edit this to add
> > users, roles, etc...
> > * No Admin UI
> > * No Registration, forgotten passwords, account management.  All these
> > require runtime updates to the database.
> > * What would we do about social though?  As it requires registration?
> >
> > Work required (time estimates could take shorter or longer depending on
> > interruptions):
> > * 1-2 man-weeks to do file-based back-end
> > * 1-5 days to design the OAuth Grant Pages.
> > * 1 day to incorporate Grant pages
> > * Do we want fancier demo apps to show SSO and OAuth Grants?  If so,
> > this is minimum 2 weeks.  1 to get Event Juggler hooked into Keycloak.
> > 1+ weeks to create another related SSO application.  1+ more to create
> > an OAuth application.
> > * 1 week to organize the Website and create demo videos.
> > * 1-2 weeks for documentation
> > * 1+ weeks to decide and implement how we're going to distribute
> > keycloak.  Will it be a AS7 and/or EAP distro?  A WAR?  etc...
> >
> > So best case scenario is end of October.  It would minimally require
> > myself and Gabriel.  Others would be needed if we want fancier demo apps
> > as it is beyond my ability to create a nice looking demo app in a short
> > period of time.
> >
> > Option #2: UIs
> >
> > This would take a lot more work as we would need to finish up the admin,
> > registration, and account management UIs.  I'd say Christmas time would
> > be a viable M1 release for this.  This would require everybody.
> >
> >
> 
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>

More information about the keycloak-dev mailing list