8:20 a.m.
----- Original Message -----
From: "Bill Burke" <bburke(a)redhat.com>
To: keycloak-dev(a)lists.jboss.org
Sent: Thursday, 17 July, 2014 2:14:21 PM
Subject: Re: [keycloak-dev] Additional things to consider for 1.0.final
On 7/17/2014 8:55 AM, Stian Thorgersen wrote:
> As we didn't have enough things to do last minute I come up with more
> things which I think we should do for 1.0.final:
>
> 1. Configure JPA through keycloak-server.json instead of persistence.xml
>
> This would be super simple to do, and would let us have a single
> persistence.xml for everything (testsuite, server, project-integrations).
> Everything worthy of configuring in persistence.xml (including datasource)
> can be passed in the Map overrides when creating the EntityManagerFactory.
>
-1. I don't think learning a new configuration format for
persistence.xml is user friendly. Users would have to translate the
Hibernate documentation to our json format.
It would support both, configuration can either be done through persistence.xml or
keycloak-server.json. We could use the same property names, so it would just be a matter
of putting it in keycloak-server instead of properties in persistence.xml.
Also, why do our users need to understand Hibernate/JPA just to be able to configure what
data-source to use for Keycloak?
>
> 2. Introduce server-dependencies-min and server-dependencies-all poms
>
> We have a few places that includes all the dependencies required (server,
> testsuite/integration and testsuite/) as well as other project such as
> AeroGear and LiveOak. Instead of everyone having to list all the
> dependencies they could have a single dependency on either
> server-dependencies-min or server-dependencies-all. Min would exclude most
> if not all provider implementations (such as PicketLink/LDAP, social
> providers, etc).
>
+1
>
> 3. TOTP SPI
>
> At the moment we only support Google Authenticator, I don't think that's
> sufficient. We should at the very least add support for one more, and have
> an SPI so users can add their own. I think this would be related to the
> UserProvider sync work, as some UserProvider implementations may require
> both a password and totp to verify a users credentials, while others would
> only be able to verify the password and then have Keycloak verify the
> totp.
>
+1. Do we have cycles to include in 1.0?
> Also, do we need to support users with more than one totp? Personally I
> have two for work (one I use daily and another for backup).
+1. Do we have cycles to include in 1.0?
\
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
_______________________________________________
keycloak-dev mailing list
keycloak-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-dev