[keycloak-dev] priorities and who is available?

[Bill Burke]

I'd like to do another release in February.  Let's get an idea on 
available resources, what the priority are, and who can work on what. 
Let's see what work we can do in parallel.

Key functionality:

* Get Stan's Wildfly subsystem incorporated.
* Figure out appropriate addition to admin console for Stan's subsystem. 
  An SPI or something as well as UI.
* Composite Roles.
* Clean up Forgot Password and Reset password.  Should be possible for 
admin to send user an email with a URL that allows them to reset the 
password.  Right now requires entering in a password, telling user, and 
sending an email.
* Password Policies are broken.
* Revocation policies.
* Storage protection.  Smarter password hashes and protection of private 
keys and OTP keys.
* User session management.  Be able to show and list users logged into 
an app and be able to remotely logout one or all of them.
* More CORS options at the adapter level.
* Device mgmt and security.  Need input from Bruno.

Basically, we should have laser focus on critical features that must be 
implemented to have a functional Keycloak release, but also to support 
the needs of Red Hat projects specifically LiveOak, Wildfly, and 
Aerogear.  Having Keycloak drive security for those 3 projects will get 
us a lot more users than if we just went at it alone.

Personally, I'd like to get Stan's work incorporated as soon as possible 
and figure out a UI around it.  We should brainstorm together, but I 
think we may have to rethink some of our UI.

-- 
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com