Hylke Bons <mailto:email@example.com>
September 26, 2013 8:13 AM
I'm looking at http://aerogear.org/download/
and am somewhat confused.
Some questions about the Security part of AeroGear:
1. Is there a reason why OTP are separate libraries, instead of a
namespace on the existing AG libs?
Yes there is. You don't need to bring the
bits from AG Security to
Android devices like PicketLink for example. But is possible to use
aerogear-otp-java on the client (Android) and the server (JEE apps)
2. What's the difference between "Security Providers"
Security Providers: PicketLink, Apache
Shiro...<your favorite security
Alternative authentication methods: Hawk, Mozilla Persona...etc
3. Are Hawk and Java-OTP server modules?
Not really. Hawk is a
server authentication method for AGSecurity
) and aerogear-otp-java can be used
on the server/client as I mentioned.
What about iOS-OTP? That sounds
like another client lib?
Yes it is, is another client lib. Each platform must have
implementation for security.
I hope I got this right, if not, please enlighten me.
I hope that helps.
aerogear-dev mailing list