[security-dev] New SSO/OAuth2 Project
Bolesław Dawidowicz
bdawidow at redhat.com
Thu Apr 18 11:52:46 EDT 2013
Ok, but first of all I would like to understand better where Bill is
aiming and what does he want to cover. From the requirements it looks
like everything tbh
We are very interested for example to have full OAuth2 support (server
side) in PL - even in subsystem. Better with whole SCIM implementation
and handy REST endpoints. So if this could be provided by Bill I'm more
then happy to benefit from his project in our identity related components.
I'm also interested to learn if Bill is aiming to cover full OAuth2 spec
in his implementation or only server side application flow. Because
otherwise it will be hard to reuse on our side and I imagine it will be
similar for AeroGear as well.
What are the components and services that RestEasy would aim to deliver
What would be reusability of this work?
If PicketLink is just internally consumed component by RestEasy aimed to
only handle storage it doesn't sound very appealing to us.
On 04/18/2013 05:40 PM, Anil Saldhana wrote:
> Bolek - I think we just got to figure out between the teams how we are
> going to distribute the pieces and reduce
> overlap as much as possible. We will need REST based services using
> RESTEasy and security bits delivered via
> PicketLink. What Bill wants to do is more like an infrastructure/service
> that drives sso/oauth2. He has been on
> it from a long long time now.
>
> If there is something you guys are doing right now that has major
> overlap with Bill's goals, we need to hash it out
> a bit. We should host almost all of the security bits in PicketLink
> umbrella if possible.
>
>
> On 04/18/2013 10:35 AM, Bolesław Dawidowicz wrote:
>> Wow... looking at your requirements document I wonder if there is any
>> aspect of identity not covered by your new project.
>>
>> Hard for me to reply much atm. as we are getting quite advanced
>> prototyping with various elements that you listed already. And now you
>> suddenly write that this is owned by your new project under RestEasy
>> umbrella... Not sure what you expect to hear from us?
>>
>> We should do a call next week. Let me arrange it after the weekend to
>> discuss this. Tomorrow I'm on PTO and hoped to start in 30min... ;)
>>
>> Bolek
>>
>> On 04/18/2013 04:44 PM, Bill Burke wrote:
>>> Hey all,
>>>
>>> Mark Little approached me about starting a new project to provide an
>>> SSO/OAuth2 solution for browser apps and RESTful web services. We've
>>> gotten some buy-in/signoff from Anil, but I'd like to get buy-in/signoff
>>> from Boleslaw especially and the rest of you.
>>>
>>> The idea is to provide an integrated SSO/OAuth2 solution for browser
>>> apps and RESTful web services that can be used as a plugin for AS, a
>>> standalone auth server, a cloud auth server, and/or a cloud SaaS. The
>>> end product being something hosted on OpenShift and usable by anybody.
>>>
>>> I've started a requirements document and really need help rounding it out:
>>>
>>> https://community.jboss.org/wiki/ResteasySkeletonKeyWebSSOOAuth
>>>
>>> I also need help on the division of labor, if any with the Picketlink
>>> team, or any individual on this team. I'm fine doing all the work,
>>> delegating pieces to individuals, and/or reusing parts of Picketlink.
>>> What should the division of labor be? My first thought is that I'd
>>> build the service wholly or partially on the IDM API you all have been
>>> working on. That way you guys could focus on storage and federation
>>> (i.e. with LDAP, et. al.) and I could focus on UI, service, and protocol
>>> aspects.
>>>
>>> Also, as most of you already know. I've already done a ton of work so far:
>>>
>>> http://docs.jboss.org/resteasy/docs/3.0-beta-4/userguide/html/oauth2.html
>>>
>>> Previously I had also even started prototyping a cloudable IDP service
>>> using Infinispan as a backend store.
>>>
>>> https://github.com/resteasy/Resteasy/tree/master/jaxrs/security/skeleton-key-idm/skeleton-key-idp
>>>
>>> When the project is started, I'll be creating a new github project. I'd
>>> like to name the project "Resteasy Skeleton Key" or "Picketlink Skeleton
>>> Key".
>>>
>>> Thoughts? Concerns? Ideas? Insults? Whines? Cheers? Trash Talk? Once
>>> things get moving we'll also be talking to PM and the Cloud BU.
>>>
>>
> _______________________________________________
> security-dev mailing list
> security-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/security-dev
>
More information about the security-dev
mailing list