[seam-dev] Seam Security supporting OAuth?
Marcel Kolsteren
marcel at meandi.nl
Wed Dec 1 17:43:02 EST 2010
Seam 3 Security has support for external authentication. Currently two standards are supported: OpenID and SAML. You should realize that OAuth is basically not targeted at authentication, but more at delegated access to a user's resources. So the question is also: do we want to add support for doing delegated access to user resources? And will the Seam application be the application that shares user resources to other applications, or will it be the application that asks access to the user's resources that reside in another application? Or both?
Apart from the question about whether to extend Seam Security with support for delegated access mechanisms, there is another thing to take into account. There is a new OAuth 2.0 standard, which is very interesting. It's a lot less complex than OAuth 1.0, and although it's still very new (AFAIK the spec hasn't even been completed), Facebook already implemented it. I already added an external authentication option in the PicketLink Seam module, based on their OAuth 2.0 access point, so that users can be authenticated with their Facebook accounts. You can see it live in the Seam 2 powered application www.spellenmug.nl. This shows that even though OAuth 2.0 is more about delegated access, it can also be used for authentication (with some limitations).
Another interesting thing is OpenID Connect (http://openidconnect.com/). It's one of the possible successors of OpenID 2.0, and it's based on OAuth 2.0. So OAuth and OpenID are becoming more integrated in the near future. In think that if we put some OAuth stuff on the roadmap for Seam 3, OpenID Connect is an interesting one, when it comes to externally authenticating users.
On Dec 1, 2010, at 11:08 PM, Lincoln Baxter, III wrote:
> Curious if this is on the drawing board, or what our plans for OAuth support are. I think we need to provide a solution - I believe we already support OpenID.
>
> --
> Lincoln Baxter, III
> http://ocpsoft.com
> http://scrumshark.com
> "Keep it Simple"
> _______________________________________________
> seam-dev mailing list
> seam-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/seam-dev
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/seam-dev/attachments/20101201/288079b7/attachment.html
More information about the seam-dev
mailing list