[keycloak-dev] next release Beta 1 May timeframe

Stian Thorgersen stian at redhat.com
Thu Mar 13 12:20:15 EDT 2014 

Must have:

* Brute force attack protection / Max failed login attempts
* Email notifications on certain events - related to audit log and your China warning idea, but things like sending users an email when failed login attempts has occured
* Mobile adapters - I can sort out a Cordova adapter (it's just a wrapper for keycloak.js), and we just need to document (maybe create examples) on how to use AeroGear for iOS and Android native

Nice to have:

* Invalidate cookies for a specific device/browser through acct mngmt - for example if someone used remember me option on a public machine by mistake they need to be able to view devices/browsers with access, and invalidate specific machines
* Multi-factory authentication SPI, and implement add one more multi-factor auth type - to show that we're not hard-coded to Google 
* Installed application adapter - extract code from example into an adapter
* Rest endpoints for realm user management - non-admin access to users in a realm. Some applications may want to be able to lookup users. Something like 'realm/<myrealm>/users'? Same as for account we'd have a few roles for a 'user-management' application that can be granted to users

----- Original Message -----
> From: "Bill Burke" <bburke at redhat.com>
> To: keycloak-dev at lists.jboss.org
> Sent: Thursday, 13 March, 2014 3:43:30 PM
> Subject: [keycloak-dev] next release Beta 1 May timeframe
> 
> I'd like for the next release (Beta-1) to be our last major feature
> release. We'll shoot for early May as.  I personally will be disrupted
> 1-2 weeks because of Red Hat Summit/DevNation
> 
> Must Have:
> 
> * Fine grain import/export of keycloak store
> * LDAP/AD support
> * Audit Log
> * Acct Service oauth revocation
> * Social login remember me
> * Multi-tenant adapter abilities (for Travis)
> * Any bootstrap requirements Aerogear needs
> * Admin console needs to be rebrandable and support different themes.
> This is an Aerogear requirement
> * Server needs to be able to run on Resteasy 2.3.6 (EAP 6.x).  A must if
> we want to get keycloak into EAP through UPS.
> 
> Would like to have:
> * Jira adapter.  Have a good idea on how to implement, just need to find
> the time or a volunteer.
> * Tomcat, Jetty adapters
> * Access control by IP Address and user geo location.  i.e. block users
> from logging in from China, or warn them.  Google does a warning if
> somebody logged into your account from China. Its how I found out how
> somebody hacked my account a few years ago.  i have a pretty good idea
> on how to implement this, just need to find the time or a volunteer.
> 
> 
> Anything major I'm missing?
> 
> 
> --
> Bill Burke
> JBoss, a division of Red Hat
> http://bill.burkecentral.com
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>

More information about the keycloak-dev mailing list