I would add to "Must have" this:
- Secured storage of private keys
- Address issues with "state" on TokenManager and SocialRequestManager
in memory. Would be useful for clustering, and to avoid memory leak
issues like
Must have:
* Brute force attack protection / Max failed login attempts
* Email notifications on certain events - related to audit log and your China warning
idea, but things like sending users an email when failed login attempts have occurred
* Mobile adapters - I can sort out a Cordova adapter (it's just a wrapper for
keycloak.js), and we just need to document (maybe create examples) on how to use AeroGear
for iOS and Android native
Nice to have:
* Invalidate cookies for a specific device/browser through acct mngmt - for example if
someone used remember me option on a public machine by mistake they need to be able to
view devices/browsers with access, and invalidate specific machines
* Multi-factor authentication SPI, and implement one more multi-factor auth type -
to show that we're not hard-coded to Google
* Installed application adapter - extract code from example into an adapter
* REST endpoints for realm user management - non-admin access to users in a realm. Some
applications may want to be able to look up users. Something like
'realm/<myrealm>/users'? Same as for account we'd have a few roles for a
'user-management' application that can be granted to users
----- Original Message -----
> From: "Bill Burke" <bburke(a)redhat.com>
> To: keycloak-dev(a)lists.jboss.org
> Sent: Thursday, 13 March, 2014 3:43:30 PM
> Subject: [keycloak-dev] next release Beta 1 May timeframe
>
> I'd like for the next release (Beta-1) to be our last major feature
> release. We'll shoot for early May as. I personally will be disrupted
> 1-2 weeks because of Red Hat Summit/DevNation
>
> Must Have:
>
> * Fine grain import/export of keycloak store
> * LDAP/AD support
> * Audit Log
> * Acct Service oauth revocation
> * Social login remember me
> * Multi-tenant adapter abilities (for Travis)
> * Any bootstrap requirements Aerogear needs
> * Admin console needs to be rebrandable and support different themes.
> This is an Aerogear requirement
> * Server needs to be able to run on Resteasy 2.3.6 (EAP 6.x). A must if
> we want to get keycloak into EAP through UPS.
>
> Would like to have:
> * Jira adapter. Have a good idea on how to implement, just need to find
> the time or a volunteer.
> * Tomcat, Jetty adapters
> * Access control by IP Address and user geo location. i.e. block users
> from logging in from China, or warn them. Google does a warning if
> somebody logged into your account from China. It's how I found out how
> somebody hacked my account a few years ago. I have a pretty good idea
> on how to implement this, just need to find the time or a volunteer.
>
>
> Anything major I'm missing?
>
>
> --
> Bill Burke
> JBoss, a division of Red Hat
> http://bill.burkecentral.com
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev(a)lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev