[keycloak-dev] M1 release scope
Stian Thorgersen
stian at redhat.com
Thu Sep 19 04:39:16 EDT 2013
Bill, I assume you would be happy with Marek adding MongoDB to M1 as long as we take on any work related to it?
It's important for the MBaaS project.
----- Original Message -----
> From: "Marek Posolda" <mposolda at redhat.com>
> To: "Bill Burke" <bburke at redhat.com>
> Cc: keycloak-dev at lists.jboss.org
> Sent: Thursday, 19 September, 2013 9:28:12 AM
> Subject: Re: [keycloak-dev] M1 release scope
>
> On 19.9.2013 03:11, Bill Burke wrote:
> > We need to decide what we want to do for M1. Here's my stab at it.
> > Let's discuss in email first as much as we can and then have a hangout
> > sometime next week to go over it and nail things down.
> >
> > First and foremost. We have to focus. No new features. No playing
> > around. For example: no adding refresh token support. No client-cert
> > support. No changes to protocols. No new backends. Let's just use
> > Picketlink JDBC. No 'forgot password' using SMS, etc... You get the
> > picture.
> At this moment, I have working MongoDB backend and I would like to send
> PR with it by the end of this week. I just need to adapt this with
> latest changes in RealmModel and UserModel interfaces (added new fields
> related to requiredActions and totp).
>
> TBH I don't know why to not have it as part of M1? I am not seeing any
> disadvantages for people to have possibility to choose from more
> backends? Another thing is that it is easier for people to see or edit
> DB content directly in MongoDB database. Of course it's not so easy as
> directly edit XML/JSON file, but much easier than Picketlink IDM DB
> schema, which is quite complex.
>
> I am seeing just one disadvantage that every change in model interfaces
> needs to be adapted to both backend implementations, but you can always
> workaround this by implement stuff just for Picketlink and create JIRA
> for me to adapt changes to MongoDB backend. I can also disable MongoDB
> unit tests by default (ATM I have them enabled by default in my branch)
>
> Marek
>
> >
> > Required:
> >
> > * Social Broker login with as many providers as possible. Minimally
> > Google and Facebook.
> > * SSO and SLO (Single Log Out)
> > * Password and TOTP login
> > * OAuth Client Grant support
> > * Example with apps using all o these features
> > * Keycloak website setup and finalized
> > * Online video walking through a demonstration of features
> > * Online video walking though how to configure it
> > * JBoss 7.1.x Community and JBoss EAP 6.1 support
> >
> > Knowing this there are two paths we can take. We can either include an
> > Admin UI in M1 or not. IMO, if we do *NOT* have an Admin UI for M1, we
> > probably need to not have registration or account management. Here's
> > what it might look like:
> >
> > Option #1: No Input UIs
> >
> > * A read-only XML/JSON file-based backend. Users must edit this to add
> > users, roles, etc...
> > * No Admin UI
> > * No Registration, forgotten passwords, account management. All these
> > require runtime updates to the database.
> > * What would we do about social though? As it requires registration?
> >
> > Work required (time estimates could take shorter or longer depending on
> > interruptions):
> > * 1-2 man-weeks to do file-based back-end
> > * 1-5 days to design the OAuth Grant Pages.
> > * 1 day to incorporate Grant pages
> > * Do we want fancier demo apps to show SSO and OAuth Grants? If so,
> > this is minimum 2 weeks. 1 to get Event Juggler hooked into Keycloak.
> > 1+ weeks to create another related SSO application. 1+ more to create
> > an OAuth application.
> > * 1 week to organize the Website and create demo videos.
> > * 1-2 weeks for documentation
> > * 1+ weeks to decide and implement how we're going to distribute
> > keycloak. Will it be a AS7 and/or EAP distro? A WAR? etc...
> >
> > So best case scenario is end of October. It would minimally require
> > myself and Gabriel. Others would be needed if we want fancier demo apps
> > as it is beyond my ability to create a nice looking demo app in a short
> > period of time.
> >
> > Option #2: UIs
> >
> > This would take a lot more work as we would need to finish up the admin,
> > registration, and account management UIs. I'd say Christmas time would
> > be a viable M1 release for this. This would require everybody.
> >
> >
>
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>
More information about the keycloak-dev
mailing list