cxf-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Sergey Beryozkin <sberyoz...@gmail.com>
Subject Re: [GSoC][OAUTH] OAuth implementation kick-off
Date Wed, 02 Jun 2010 12:51:57 GMT
Hi Łukasz

On Wed, Jun 2, 2010 at 12:26 PM, Łukasz Moreń <lukasz.moren@gmail.com>wrote:

> I would like start coding OAuth support finally and I have some questions
> regarding that:
>
> 1. We agreed to use OAuth 1.0 spec, I assume to use:
> http://tools.ietf.org/html/draft-hammer-oauth-10
> as is suggested in: http://oauth.net/core/1.0a/. WDYT?
>

Yes please


>
> 2. There are existing Java OAuth libraries. I am wondering if we could use
> one of them. From one hand maybe it is not good idea to make
> cxf dependent on such library, but on the other
> it's already tested and used by developers (mainly I mean Scribe lib). I
> can write own implementation, just let me know what is your opinion.
>

IMHO reusing the well-tested 3rd party library will be fine - they are
actually not big libraries.
I've had a chance to work with a Google OAuth library; Scribe looks ok too ;
please select the one you think will do best; ideally, users will not be
aware of the impl details - so that the libs could be replaced  if needed


>
> My asf account is ready and Daniel suggested to create branch at cxf
> sandbox, I will do so and commit all my changes there.
>
> sounds good. As suggested earlier on, please consider introducing a
rt/rs/oauth module (I think I might've suggested rt/jaxrs/oauth initially,
but 'rs' seems more neutral and better).




>
> Btw. Last days I was at OAuth 2.0 F2F meeting and there appear about
> hundred
> new issues (major and trivial as well), so I suppose it's too hot for
> implementation:).
>
> Indeed. At some later stage you can add a rt/rs/oauth20 :-);

thanks, Sergey


> Cheers,
> Lukasz Moren
>

P.S. I should mention I started working for JBoss and one of the projects
I'm involved in is extending the RestEasy's OAuth support (which is actually
quite good) for it to be better integrated with various JBoss AS services as
well as to facilitate some other open authentication based interactions. It
is a higher level  task and hope I'll be able to avoid any conflict of
interest :-) You can expect a good support from myself and others when
working on this project...

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message