[security-dev] Resteasy 3.0-beta-2 released with OAuth2 support
Bruno Oliveira
bruno at abstractj.org
Wed Feb 20 10:55:38 EST 2013
'kk what's the plan for PicketLink use amber (https://github.com/picketlink/picketlink/tree/master/oauth/src/main/java/org/picketlink/oauth/amber) or Bill's implementation?
Or both?
--
"The measure of a man is what he does with power" - Plato
-
@abstractj
-
Volenti Nihil Difficile
On Wednesday, February 20, 2013 at 12:26 PM, Anil Saldhana wrote:
> Hi Bruno,
> I think that is the usecase for implicit grant type in OAuth2. It is used when the client cannot save any secrets or tokens such as Javascript applications.
>
> Regards,
> Anil
>
> On 02/20/2013 05:42 AM, Bruno Oliveira wrote:
> > Hi Anil,
> >
> > Are you thinking in something like this? https://developers.google.com/accounts/docs/OAuth2#clientside
> >
> > If yes, makes sense.
> >
> >
> > --
> > "The measure of a man is what he does with power" - Plato
> > -
> > @abstractj
> > -
> > Volenti Nihil Difficile
> >
> >
> >
> > On Tuesday, February 19, 2013 at 11:05 PM, Anil Saldhana wrote:
> >
> > > I am unsure if "implicit" usecase implies insecure. All it does is
> > > avoids the intermediate
> > > authorization code grant step. It is useful for Javascript applications
> > >
> >
> >
>
> _______________________________________________
> security-dev mailing list
> security-dev at lists.jboss.org (mailto:security-dev at lists.jboss.org)
> https://lists.jboss.org/mailman/listinfo/security-dev
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/security-dev/attachments/20130220/db1aa3e3/attachment.html
More information about the security-dev
mailing list