Seam 3 Security has support for external authentication. Currently two standards are
supported: OpenID and SAML. You should realize that OAuth is basically not targeted at
authentication, but more at delegated access to a user's resources. So the question is
also: do we want to add support for doing delegated access to user resources? And will the
Seam application be the application that shares user resources to other applications, or
will it be the application that asks access to the user's resources that reside in
another application? Or both?
Apart from the question about whether to extend Seam Security with support for delegated
access mechanisms, there is another thing to take into account. There is a new OAuth 2.0
standard, which is very interesting. It's a lot less complex than OAuth 1.0, and
although it's still very new (AFAIK the spec hasn't even been completed), Facebook
already implemented it. I already added an external authentication option in the
PicketLink Seam module, based on their OAuth 2.0 access point, so that users can be
authenticated with their Facebook accounts. You can see it live in the Seam 2 powered
application
www.spellenmug.nl. This shows that even though OAuth 2.0 is more about
delegated access, it can also be used for authentication (with some limitations).
Another interesting thing is OpenID Connect (
http://openidconnect.com/). It's one of
the possible successors of OpenID 2.0, and it's based on OAuth 2.0. So OAuth and
OpenID are becoming more integrated in the near future. In think that if we put some OAuth
stuff on the roadmap for Seam 3, OpenID Connect is an interesting one, when it comes to
externally authenticating users.
On Dec 1, 2010, at 11:08 PM, Lincoln Baxter, III wrote:
Curious if this is on the drawing board, or what our plans for OAuth
support are. I think we need to provide a solution - I believe we already support OpenID.
--
Lincoln Baxter, III
http://ocpsoft.com
http://scrumshark.com
"Keep it Simple"
_______________________________________________
seam-dev mailing list
seam-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/seam-dev