NIce. Some ideas from me:

* Identity what sucks and fix it. Reducing and simplyfing steps to secure an application or service.

* Automatic/dynamic client registration built-in to WF subsystem, or maybe to adapter in general

* Ability to force token validation on server-side in services using token introspection endpoint

* Way to specify what URLs are RESTful services and what are web app when both are combined in same WAR (first should return 401, second should redirect to login page)

* Role mapping - ability to map realm and client roles onto different JEE roles

* Remove the need to specify security domain in EJBs

By the way Go ain't Java? So is that not out of scope for JavaOne? Just curious.

On 16 September 2016 at 10:24, Sebastien Blanc <sblanc@redhat.com> wrote:

Hi !

Next week I will be at JavaOne, during the week I will have the privilege to lead for an afternoon the hackergarten area. For sure, I would like to bring up the KeyCloak project (along with Forge and maybe Swarm).
For those who don't know what an hackergarten is : http://hackergarten.net/

So, do we have any JIRAs, docs , tests missing that would fit for a 3 hours hacker session ?

My own ideas :
- Work on the Keycloak Forge Addon : Create Clients from Forge etc ...
- Start exploring a Keycloak Go Adapter
- Polish Java Adapter Documentation

I wait for your ideas !

Sebi

_______________________________________________
keycloak-user mailing list
keycloak-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user