[keycloak-dev] priorities and who is available?

[ssilvert at redhat.com]

Give me until the end of next week to get the subsystem cleaned up and
ready to merge.  I want to get it fully working end to end before I turn
it over.  After that, I'll see how much time I can allocate to help.

Stan

On 1/23/2014 9:29 PM, Bill Burke wrote:
> I'd like to do another release in February.  Let's get an idea on 
> available resources, what the priority are, and who can work on what. 
> Let's see what work we can do in parallel.
>
> Key functionality:
>
> * Get Stan's Wildfly subsystem incorporated.
> * Figure out appropriate addition to admin console for Stan's subsystem. 
>   An SPI or something as well as UI.
> * Composite Roles.
> * Clean up Forgot Password and Reset password.  Should be possible for 
> admin to send user an email with a URL that allows them to reset the 
> password.  Right now requires entering in a password, telling user, and 
> sending an email.
> * Password Policies are broken.
> * Revocation policies.
> * Storage protection.  Smarter password hashes and protection of private 
> keys and OTP keys.
> * User session management.  Be able to show and list users logged into 
> an app and be able to remotely logout one or all of them.
> * More CORS options at the adapter level.
> * Device mgmt and security.  Need input from Bruno.
>
> Basically, we should have laser focus on critical features that must be 
> implemented to have a functional Keycloak release, but also to support 
> the needs of Red Hat projects specifically LiveOak, Wildfly, and 
> Aerogear.  Having Keycloak drive security for those 3 projects will get 
> us a lot more users than if we just went at it alone.
>
> Personally, I'd like to get Stan's work incorporated as soon as possible 
> and figure out a UI around it.  We should brainstorm together, but I 
> think we may have to rethink some of our UI.
>