On Jan 19, 2014, at 10:18 AM, Matthias Wessendorf <matzew(a)apache.org> wrote:
On Fri, Jan 17, 2014 at 10:04 PM, Jay Balunas <jbalunas(a)redhat.com> wrote:
Hi All,
Sorry all - book mode ;-)
We've had a couple of threads around keycloak integration (thanks Abstractj) and
working together with them (both in our dev list and theirs). I had a meeting (dinner
really) with Bill and talked about some possibilities and we're both excited to see
what can happen.
I wanted to capture some of those thoughts here (as well as some that already started
before), have some discussions, and more importantly talk about next steps (jira's) to
get some of this in the pipeline. I'm sure this is not exhaustive either, so please
add your own thoughts, brainstorming etc... (for example Cordova plugin perhaps?)
*In no particular order
A) AeroGear security integration
** Abstractj already posted and implemented some of these changes
**
http://aerogear-dev.1069024.n5.nabble.com/aerogear-dev-Keycloak-on-AeroGe...
** What's left here? Is it plug-able? Does it need to be?
The work started by Bruno looks promising. I like that for the login to the UPS Admin UI
is being forwarded to the Keycloak server.
As mentioned on the referenced thread, there is a bit of more work needed for the
"protection" of the SEND (and likely device registration) URLs.
B) Crypto key management
** Server-side encryption key management for client crypto
** Abstractj had some discussions here
***
http://lists.jboss.org/pipermail/keycloak-dev/2013-December/000915.html
*** Where does that stand?
** Do we need our own impl as well?
C) UnifiedPush server integration
** User management, Auth*
** Do we have our own basic impl for quickstart experience?
** See below for possible combined cartridge options
yep, the UPS come in mind and as mentioned in A) Bruno was already actively starting this
shortly before XMAS.
D) Cross-project examples, tutorials, docs, etc...
** TBD
Sure, combined docs/tutorials/examples are a good item once we do have a bit more :-) Not
sure it makes much sense now, but I can be wrong
Completely agree now is not the time. Just wanted to bring it up for discussion.
KeyCloak has some things they need as well, that we could work together on. I'm sure
the KeyCloak team could add more here :-)
Z) Device support
** We need it, they need, and others need it
** Bill would like us to help them (and us at the same time) with this.
yeah - that would be an extremely good fit for our Push efforts.
We'll need someone to setup a mtg, or discuss on the topic. Any takers?
Y) OpenShift Cartridge for KeyCloak
** I know this is already on their roadmap
** The work Farah and others has already done, could be very helpful to them
** We should also discuss the possibility of a joint cartridge
*** Could be really compelling, especially if you add in device, client key, and push
support with native SDKs & examples
*** Would also want separate cartridges as well imo
yeah, I see various options here:
* 'standalone' Keycloak cartridge (on their roadmap already); Would be nice to
get Farah involved here as well
* combined cartridge (E.g. Push + Keycloak). If we do actually fully integrate Keycloak
into the Push work, IMO this is a required option, to simply include the Keycloak
offerings into our Push Cartridge
Agreed, and I'd like to hear from the keycloak team on this as well. If they have
plans for pairing their cartridge with others.
X) Client SDK support
** We have client SDKs & could help with their dev (either as part of AeroGear or
KeyCloak perhaps)
** Primarily for iOS & Android, but would also want see where JS & Cordova fit.
Yes, another good integration item, would be interesting to know their
'requirements'. I think our OAuth2 related work, would be something that's
interesting for them as well
+1
You start putting all of this together and there is a great set of functionality that
really compliments each other well. After we discuss for a while, I'd like to find
owners for the various items to help make progress on these. Abstractj is awesome, but
not sure he can do it all ;-)
yes, great work by Bruno w/ getting actively started on this
+1
-Jay
PS: I'll post an email to the keycloak-dev list as well pointing to this thread on
our list.
_______________________________________________
aerogear-dev mailing list
aerogear-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/aerogear-dev
--
Matthias Wessendorf
blog:
http://matthiaswessendorf.wordpress.com/
sessions:
http://www.slideshare.net/mwessendorf
twitter:
http://twitter.com/mwessendorf
_______________________________________________
aerogear-dev mailing list
aerogear-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/aerogear-dev