I'm currently trying to wrap my head around a lot of AeroGear and JBoss
technologies, so I spent some time rearranging/rewording things that
weren't very clear to me on the aerogear.org home page. At first as an
excercise to get a better understanding about AeroGear myself, but I
think everybody will benefit from having easier to understand home page
I've rearrange some parts to create a better flow without removing any
of the current content. Here are the most important changes:
- Stick to one paragraph per "topic"
- Add action link below each paragraph to more resources
- Add links to Wikipedia pages for certain acronyms, as not everybody
may be familiar with all the acronyms used (even experienced developers)
- Expand certain acronyms to their full meaning
Let me know what you think needs improving/adding/removing (or please
correct things that I got wrong), and if this could potentially be
intergrated to the site.
= Bring Mobile and Enterprise together! =
*** AeroGear let's Android, iOS, and (hybrid) web apps talk to your
JBoss Aplication Server. ***
Get started with a library for your platform...
[[---platform buttons here---]]
== Why? ==
=== Unify mobile development ===
AeroGear provides flexible and extensible libraries to simplify mobile
development across platforms and cut common repetitive infrastructure
tasks. Integrate with the most exotic of endpoints.
[[ Get started >> ]]
=== Simple API ===
Talking to [[ RESTful ]] (1) backends couldn't be easier. We've
abstracted all of the plumbing into a simple programmatic API for doing
[[ CRUD ]] (2) operations and paginating large amounts of data.
[[ Browse API documentation >> ]]
=== Mobility and security, both ===
Integrate with your existing enterprise environment. AeroGear provides
Two-Factor Authentication and One-Time-Password features to improve your
[[ Learn about AeroGear Security >> ]]
=== Easy server routing ===
Define HTTP routes with a simple Java Internal [[ Domain-Specific
Language ]] (3). The perfect fit for client-heavy applications where you
have very few entry points and delegate logic to the client tiers.
[[ Learn about AeroGear Controller >> ]]
I have 2 small questions about the simplePushServer which are not crystal
clear for me :
1. When sending a notification, looks like, SPS only sends it to one User
Agent (I can't find the "broadcast" logic), does that mean that UP has to
do 1 PUT request to SPS per user agent ?
1.a is a channel always associated to 1 user agent ?
2. Does the content of the notification really only contains a version
number ? (How do we pass other info, or is it just a trigger and the
responsability of the UA to request to an app server the info?
Mahalo, here comes my proposal to AGSEC roadmap. Disclaimer: some tasks
are related with JS, iOS and Android. I don't want to push tasks to the
other teams, so feel free to assign to me as needed.
Again, feedback is more than welcome.
# AeroGear Security - Roadmap
* Bug fixes on examples and updates on AeroGear Security
* AGSEC-16: Support for multiple roles for AerogearUser (TBD with sblanc)
* AGSEC-29: Documentation with the overview and description on AeroGear
* AGSEC-36: Add a method to retrieve all registered users on the
AuthenticationManager interface (TBD with sblanc)
* AGSEC-36: Add CRUD methods for AerogearUser
* Initial support for OTP on JS
## 1.1.0 (Mid June)
* AGSEC-13: Add HTTP basic authentication support to the client side
* AGDROID-27 Add HTTP basic authentication support on AeroGear
Android (done by summers)
* AGIOS-4 Add HTTP basic authentication support on AeroGear iOS
(christos is on it)
* AGJS-18 Add HTTP basic authentication support on AeroGear.js (I
can help on it, I'm just following the JS roadmap)
* AGSEC-18: Add session management support
* AGSEC-27: Provide a detailed specification and which kind of
authentication schemes will be supported
* AGSEC-28: HOTP support
* AGDROID-30: Add HOTP support to aerogear-otp-java
* AGIOS-1: Add HOTP support to aerogear-otp-ios
* AGSEC-30: Unified Push (Add Client Access Key)
* AGSEC-31: Evaluate non repudiation for each application on the server
* AGSEC-34: Unified Push: Sec: Add Security Framework to PushEE
* AGSEC-48: Add Apache Shiro support on AeroGear Security
## 1.2.0 (Mid August)
* AGSEC-6: Encryption for mobile devices
* AGDROID-34 Implementation and API usage for android crypto
* AGIOS-3 Implementation and API usage for iOS crypto
* AGSEC-15: Add HTTP digest authentication support to the client side
* AGDROID-10 Add HTTP digest authentication support on AeroGear
* AGIOS-5 Add HTTP digest authentication support on AeroGear iOS
* AGIOS-6 Provide a parameter on iOS to enable/disable the usage
of cookies (abstractj)
* AGJS-23 Add HTTP digest authentication support on AeroGear.js
* AGSEC-26: Authentication schemes for mobile devices
* AGSEC-49: Add Hawk support on AeroGear Security
## 1.3.0 (Mid October)
* AGSEC-2: Secure storage and cache
* AGSEC-7: Provide a detailed specification about how it should work
* AGSEC-3: Url and Forms that perform important operations must be
protected by random tokens (hidden nonce values)
* AGSEC-4: Authentication of RESTful requests per transactions must be
provided as alternative on AeroGear Security
* AGSEC-14: HTTP signed requests
* AGSEC-17: Mobile devices blacklist support
## 1.4.0 (Mid January)
* AGSEC-12: Offline authentication
* AGSEC-25: Include rate-limit to incoming requests from the same origin
* AGSEC-5: Social login
* AGSEC-8: Provide a detailed specification about which methods
will be supported
* Biometric authentication (TBD)
Hi Matthias, I just moved any task related with Unified Push to
Let me know if that's the correct way for you.
Matthias Wessendorf wrote:
> Hi Bruno,
> I added the new items to this "umbrella" ticket.
> I'd say, we move the other "unified push" JIRAs to this parent as well.
> If you agree, let me move the bits!
Today I went to move the JS roadmap from a gist to the website. I have determined that I hate our roadmap section. It's messy and will not be maintainable going forward. I would like to make a proposal for some updates before I dive in.
First, there is no need for versioning on the index page. It is a roadmap so it should just represent the road ahead and be updated as things change. Once we have passed a milestone, it can be removed since it is no longer on the roadmap or has been moved to a new milestone.
That in itself will clean things up greatly. After that I would just do some minor tweaks to the layout of the index page, etc and I think we will be better off. Thoughts?
I can go ahead and make the changes and send a PR for discussion if that would work better for people as well.
I noticed this today and I saw that passos noticed it too. We need workflow updates made to all of the AG* projects to be able to set the status to "Pull Request Sent" and link to the PR. Basically, all of the same workflow that we have on AEROGEAR we need on AG*.
First a few caveats:
1. There is no server side implementation / spec yet so the client
"solution" should be rather pluggable.
2. I've only looked at iOS as a sanity check on my ideas.
I've been working on some PoC's for multipart on Android. After a few
false starts here is the idea I've come up with to support
multipart/from-data content types (ie uploading files).
Add a new configuration option to a Pipe's configuration: a request builder.
The request builder will be a callback/closure/class that consumes the
data arguments from a pipes save request and produces the body of the
request. In Android it can be an interface which is implemented and in
iOS it can be a block which is passed to AFHttpClient's
multipartFormRequestWithMethod. I'm not sure what the implications to
Specifically in Android the gson specific request code will be
refactored into a GSONRequestBuilder, and we will write (and define the
behavior of) a MultipartRequestBuilder. Also PipeConfig.setGsonBuilder
will become deprecated (a good move IMHO).
Good morning my friends.
One of the big question around security, is how is going to look like
with our projects growing fast. So I have the whole picture in my mind
and I'd like to share with you guys, for feedback, tomatoes or whatever.
The image is attached to this e-mail, but I'm not sure if we have any
filters so, here comes the gist
Thanks in advance.