[security-dev] Resteasy 3.0-beta-2 released with OAuth2 support
Bill Burke
bburke at redhat.com
Fri Jan 25 09:21:32 EST 2013
I need to write up how it works too. I extended OAuth2 a tiny bit as
well as JWT. If you check out the code, you'll also see I started on an
IDP. If Picklink is ready, I could start implementing on top of it
and/or contribute to the current effort you have on openshift. Let me
know.
The current release's experience is a bit limited because you're lacking
extra metadata that our own IDP could provide.
My current vision on oauth clients is:
* THey must be registered
* They are granted oauth and/or login permissions
* If they are only granted oauth permissions, they must also have the
set of roles that they are allowed to obtain from a user
Code:
https://github.com/resteasy/Resteasy/tree/master/jaxrs/security/skeleton-key-idm
On 1/24/2013 7:24 PM, Anil Saldhana wrote:
> Fabulous news. Will provide feedback.
>
> On Jan 24, 2013, at 4:43 PM, Bill Burke <bburke at redhat.com> wrote:
>
>> http://bill.burkecentral.com/2013/01/24/resteasy-3-0-beta-2-released-with-new-oauth-2-0-features/
>> --
>> Bill Burke
>> JBoss, a division of Red Hat
>> http://bill.burkecentral.com
>> _______________________________________________
>> security-dev mailing list
>> security-dev at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/security-dev
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
More information about the security-dev
mailing list