[keycloak-dev] priorities and who is available?

ssilvert at redhat.com ssilvert at redhat.com
Fri Jan 24 09:36:50 EST 2014


There is one potential roadblock to adding UI for the KeyCloak subsystem
right now.   When you put the UI into the KeyCloak console you won't be
able to directly access the http management endpoint.  This is a
limitation that is being addressed by Darran's work on CORS support.

Darran, would it be possible to get a fork of the latest WildFly that
just allows all CORS requests.  Is that something you could do without
much effort so we would have a build that we could use for development?

Herald Pehl created a fork like that, but it is based on WildFly 8 Alpha
1, which doesn't work with KeyCloak.
http://hpehl.info/independent-jboss-admin-console.html

 On 1/24/2014 9:12 AM, ssilvert at redhat.com wrote:
> Give me until the end of next week to get the subsystem cleaned up and
> ready to merge.  I want to get it fully working end to end before I turn
> it over.  After that, I'll see how much time I can allocate to help.
>
> Stan
>
> On 1/23/2014 9:29 PM, Bill Burke wrote:
>> I'd like to do another release in February.  Let's get an idea on 
>> available resources, what the priority are, and who can work on what. 
>> Let's see what work we can do in parallel.
>>
>> Key functionality:
>>
>> * Get Stan's Wildfly subsystem incorporated.
>> * Figure out appropriate addition to admin console for Stan's subsystem. 
>>   An SPI or something as well as UI.
>> * Composite Roles.
>> * Clean up Forgot Password and Reset password.  Should be possible for 
>> admin to send user an email with a URL that allows them to reset the 
>> password.  Right now requires entering in a password, telling user, and 
>> sending an email.
>> * Password Policies are broken.
>> * Revocation policies.
>> * Storage protection.  Smarter password hashes and protection of private 
>> keys and OTP keys.
>> * User session management.  Be able to show and list users logged into 
>> an app and be able to remotely logout one or all of them.
>> * More CORS options at the adapter level.
>> * Device mgmt and security.  Need input from Bruno.
>>
>> Basically, we should have laser focus on critical features that must be 
>> implemented to have a functional Keycloak release, but also to support 
>> the needs of Red Hat projects specifically LiveOak, Wildfly, and 
>> Aerogear.  Having Keycloak drive security for those 3 projects will get 
>> us a lot more users than if we just went at it alone.
>>
>> Personally, I'd like to get Stan's work incorporated as soon as possible 
>> and figure out a UI around it.  We should brainstorm together, but I 
>> think we may have to rethink some of our UI.
>>
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev



More information about the keycloak-dev mailing list