[security-dev] Resteasy 3.0-beta-2 released with OAuth2 support

Anil Saldhana Anil.Saldhana at redhat.com
Tue Feb 19 11:55:39 EST 2013


Bill,
   I am unsure the RESTEasy Oauth support has all the grant types:
https://docs.jboss.org/author/display/PLINK/OAuth+Theory

I am looking here: 
https://github.com/resteasy/Resteasy/tree/master/jaxrs/security/resteasy-oauth/src/main/java/org/jboss/resteasy/auth/oauth

Regards,
Anil


On 01/25/2013 08:21 AM, Bill Burke wrote:
> I need to write up how it works too.  I extended OAuth2 a tiny bit as
> well as JWT.  If you check out the code, you'll also see I started on an
> IDP.  If Picklink is ready, I could start implementing on top of it
> and/or contribute to the current effort you have on openshift.  Let me
> know.
>
> The current release's experience is a bit limited because you're lacking
> extra metadata that our own IDP could provide.
>
> My current vision on oauth clients is:
>
> * THey must be registered
> * They are granted oauth and/or login permissions
> * If they are only granted oauth permissions, they must also have the
> set of roles that they are allowed to obtain from a user
>
> Code:
>
> https://github.com/resteasy/Resteasy/tree/master/jaxrs/security/skeleton-key-idm
>
> On 1/24/2013 7:24 PM, Anil Saldhana wrote:
>> Fabulous news. Will provide feedback.
>>
>> On Jan 24, 2013, at 4:43 PM, Bill Burke <bburke at redhat.com> wrote:
>>
>>> http://bill.burkecentral.com/2013/01/24/resteasy-3-0-beta-2-released-with-new-oauth-2-0-features/
>>> --
>>> Bill Burke
>>> JBoss, a division of Red Hat
>>> http://bill.burkecentral.com
>>> _______________________________________________
>>> security-dev mailing list
>>> security-dev at lists.jboss.org
>>> https://lists.jboss.org/mailman/listinfo/security-dev



More information about the security-dev mailing list