[security-dev] New SSO/OAuth2 Project

Bruno Oliveira bruno at abstractj.org
Thu Apr 18 12:00:41 EDT 2013


Count me in Bill to add some scenarios from AeroGear to your requirements.  

Will this solution be portable across projects like Vert.x, TorqueBox….etc?    


--  
"The measure of a man is what he does with power" - Plato
-
@abstractj
-
Volenti Nihil Difficile



On Thursday, April 18, 2013 at 11:44 AM, Bill Burke wrote:

> Hey all,
>  
> Mark Little approached me about starting a new project to provide an  
> SSO/OAuth2 solution for browser apps and RESTful web services. We've  
> gotten some buy-in/signoff from Anil, but I'd like to get buy-in/signoff  
> from Boleslaw especially and the rest of you.
>  
> The idea is to provide an integrated SSO/OAuth2 solution for browser  
> apps and RESTful web services that can be used as a plugin for AS, a  
> standalone auth server, a cloud auth server, and/or a cloud SaaS. The  
> end product being something hosted on OpenShift and usable by anybody.
>  
> I've started a requirements document and really need help rounding it out:
>  
> https://community.jboss.org/wiki/ResteasySkeletonKeyWebSSOOAuth
>  
> I also need help on the division of labor, if any with the Picketlink  
> team, or any individual on this team. I'm fine doing all the work,  
> delegating pieces to individuals, and/or reusing parts of Picketlink.  
> What should the division of labor be? My first thought is that I'd  
> build the service wholly or partially on the IDM API you all have been  
> working on. That way you guys could focus on storage and federation  
> (i.e. with LDAP, et. al.) and I could focus on UI, service, and protocol  
> aspects.
>  
> Also, as most of you already know. I've already done a ton of work so far:
>  
> http://docs.jboss.org/resteasy/docs/3.0-beta-4/userguide/html/oauth2.html
>  
> Previously I had also even started prototyping a cloudable IDP service  
> using Infinispan as a backend store.
>  
> https://github.com/resteasy/Resteasy/tree/master/jaxrs/security/skeleton-key-idm/skeleton-key-idp
>  
> When the project is started, I'll be creating a new github project. I'd  
> like to name the project "Resteasy Skeleton Key" or "Picketlink Skeleton  
> Key".
>  
> Thoughts? Concerns? Ideas? Insults? Whines? Cheers? Trash Talk? Once  
> things get moving we'll also be talking to PM and the Cloud BU.
>  
> --  
> Bill Burke
> JBoss, a division of Red Hat
> http://bill.burkecentral.com
> _______________________________________________
> security-dev mailing list
> security-dev at lists.jboss.org (mailto:security-dev at lists.jboss.org)
> https://lists.jboss.org/mailman/listinfo/security-dev






More information about the security-dev mailing list