incubator-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Apache Wiki <>
Subject [Incubator Wiki] Update of "AmberProposal" by PidSter
Date Fri, 23 Apr 2010 22:14:00 GMT
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Incubator Wiki" for change notification.

The "AmberProposal" page has been changed by PidSter.


  Amber will be a Java API and implementation for OAuth protocol.
  == Proposal ==
+ Amber will have no or negligible dependencies and will provide both an API specification
for, and implementation of, the OAuth v1.0 and v2.0 specifications. The API specification
will be provided as a separate JAR file allowing re-use by other developers and permits configuration:
+ * by XML
+ * by the ServiceLoader mechanism
+ * programmatically
+ The API component specifies that an implementation must provide default classes for Provider,
Consumer and Token objects making Amber easy to integrate with existing infrastructure and
OAuth client interactions possible with virtually no additional configuration. The API is
flexible enough to allow programmatic customisation or replacement of much of the implementation,
including the default HTTP transport.
+ Amber will provide both client and server functionality, enabling developers to deploy robust
OAuth services with minimal effort.
  == Background ==
- == Rationale ==
  There are currently two implementation efforts going on in ASF for OAuth v1. A stable implementation
of OAuth v1 is present in Apache Shindig, but it is not actively developed and not shared
with other projects. A Lab having Simone Tripodi as its PI is working on an implementation
for an OAuth library that could be used by other products.
  At the same time, on the IETF OAuth v2 mailing list, other people expressed interest for
a Java API and implementation, among them two Apache committers and one active contributor.
  A number of Apache projects (TODO) could be interested in adopting OAuth.
+ == Rationale ==
+ OAuth is increasingly popular and as an authentication and authorization technology it will
both reassure users and benefit the project to be developed in an open source environment.
 Combining efforts from existing Apache projects is a logical step.
+ Providing an Apache licensed library will make it easier for other Apache projects to integrate
  = Current Status =
  Code in the Amber Lab and in Apache Shindig is already licensed to the ASF. More contributions
of code and ideas are expected from initial committers, so an implementation of OAuth v1 should
be reached quickly, and act as a base for an OAuth v2 API and implementation.

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message