[security-dev] New SSO/OAuth2 Project
Bruno Oliveira
bruno at abstractj.org
Thu Apr 18 12:00:41 EDT 2013
Count me in Bill to add some scenarios from AeroGear to your requirements.
Will this solution be portable across projects like Vert.x, TorqueBox….etc?
--
"The measure of a man is what he does with power" - Plato
-
@abstractj
-
Volenti Nihil Difficile
On Thursday, April 18, 2013 at 11:44 AM, Bill Burke wrote:
> Hey all,
>
> Mark Little approached me about starting a new project to provide an
> SSO/OAuth2 solution for browser apps and RESTful web services. We've
> gotten some buy-in/signoff from Anil, but I'd like to get buy-in/signoff
> from Boleslaw especially and the rest of you.
>
> The idea is to provide an integrated SSO/OAuth2 solution for browser
> apps and RESTful web services that can be used as a plugin for AS, a
> standalone auth server, a cloud auth server, and/or a cloud SaaS. The
> end product being something hosted on OpenShift and usable by anybody.
>
> I've started a requirements document and really need help rounding it out:
>
> https://community.jboss.org/wiki/ResteasySkeletonKeyWebSSOOAuth
>
> I also need help on the division of labor, if any with the Picketlink
> team, or any individual on this team. I'm fine doing all the work,
> delegating pieces to individuals, and/or reusing parts of Picketlink.
> What should the division of labor be? My first thought is that I'd
> build the service wholly or partially on the IDM API you all have been
> working on. That way you guys could focus on storage and federation
> (i.e. with LDAP, et. al.) and I could focus on UI, service, and protocol
> aspects.
>
> Also, as most of you already know. I've already done a ton of work so far:
>
> http://docs.jboss.org/resteasy/docs/3.0-beta-4/userguide/html/oauth2.html
>
> Previously I had also even started prototyping a cloudable IDP service
> using Infinispan as a backend store.
>
> https://github.com/resteasy/Resteasy/tree/master/jaxrs/security/skeleton-key-idm/skeleton-key-idp
>
> When the project is started, I'll be creating a new github project. I'd
> like to name the project "Resteasy Skeleton Key" or "Picketlink Skeleton
> Key".
>
> Thoughts? Concerns? Ideas? Insults? Whines? Cheers? Trash Talk? Once
> things get moving we'll also be talking to PM and the Cloud BU.
>
> --
> Bill Burke
> JBoss, a division of Red Hat
> http://bill.burkecentral.com
> _______________________________________________
> security-dev mailing list
> security-dev at lists.jboss.org (mailto:security-dev at lists.jboss.org)
> https://lists.jboss.org/mailman/listinfo/security-dev
More information about the security-dev
mailing list