Re: [aerogear-dev] Keycloak on AeroGear

Any specific reason to limit the scope to admin page only? I'm thinking about login for regular users

— abstractj On Sun, Jan 26, 2014 at 9:11 AM, Matthias Wessendorf <matzew(a)apache.org&gt;wrote: > Hello! > > I have a few more updates: > > On my branch (a fork from Bruno's branch), the URLs for the actual > sending and the device-registration (both 'protected' via HTTP-Basic), now > work again. I have 'limited' the scope of the Keycloak 'protection' to the > AdminUI. > > Greetings, > Matthias > > > > On Fri, Jan 24, 2014 at 6:05 PM, Matthias Wessendorf <matzew(a)apache.org&gt;wrote: > >> I have updated the branch w/ their recent changes from this weeks >> alpha-1 release, and submitted a PR against abstractj's repo: >> https://github.com/abstractj/aerogear-unifiedpush-server/pull/1 >> >> More to come >> >> Greetings, >> Matthias >> >> >> >> On Fri, Dec 20, 2013 at 1:11 PM, Bruno Oliveira <bruno(a)abstractj.org&gt;wrote: >> >>> Good morning peeps, yesterday I started to replace AeroGear Security on >>> Unified Push server by Keycloak and you might be asking: “Why?”. Keycloak >>> is a SSO with some handy features like TOTP, OAuth2, user management >>> support and I think we have too much to contribute, is the only way to have >>> some success with security, “divide to conquer" (at least for authorization >>> and authentication). >>> >>> So will ag-security be discontinued? No! Keycloak is still on Alpha and >>> we have to test it against our projects before fully replace ag-security, >>> but the only way to upstream our needs, is to using it. >>> >>> This replacement only applies to authentication/authorization features, >>> we still have a ton of projects which Keycloak is not able to replace like: >>> TOTP, crypto and OAuth2 on mobile, our focus. >>> >>> - PoC >>> >>> So let’s talk about this replacement, any dependency on ag-security was >>> removed from the push server and replaced by Keycloak: >>> https://github.com/abstractj/aerogear-unifiedpush-server/tree/openshift >>> >>> Based on Keycloak examples, I just did copy & paste from one of the >>> demos (https://github.com/abstractj/auth-server/tree/openshift) to >>> create a server. Keycloak requires Resteasy 3.0.4, for this reason I had to >>> manually replace some modules on JBoss. >>> >>> To test it go to: http://push-abstractj.rhcloud.com/ag-push/ you must >>> be redirected to Keycloak, enter: >>> >>> username: john(a)doe.com >>> password: password >>> >>> You must be redirected to agpush console, keep in mind that I took some >>> shortcuts to get this demo working, so for example the create will fail >>> because I removed everything related into the ember interface. >>> >>> Is also possible to enable TOTP, user’s registration and whatever you >>> want. >>> >>> So what do you think? >>> >>> -- >>> abstractj >>> >>> _______________________________________________ >>> aerogear-dev mailing list >>> aerogear-dev(a)lists.jboss.org >>> https://lists.jboss.org/mailman/listinfo/aerogear-dev >> >> >> >> >> -- >> Matthias Wessendorf >> >> blog: http://matthiaswessendorf.wordpress.com/ >> sessions: http://www.slideshare.net/mwessendorf >> twitter: http://twitter.com/mwessendorf >> > > > > -- > Matthias Wessendorf > > blog: http://matthiaswessendorf.wordpress.com/ > sessions: http://www.slideshare.net/mwessendorf > twitter: http://twitter.com/mwessendorf > _______________________________________________ aerogear-dev mailing list aerogear-dev(a)lists.jboss.org https://lists.jboss.org/mailman/listinfo/aerogear-dev