[Amdatu-developers] [JIRA] Resolved: (AMDATU-181) Split off oAuth as separate bundle (currently it is contained by the Shindig bundle)

Thu, 2 Dec 2010 15:50:51 +0100 (CET) 

     [ 
http://jira.amdatu.org/jira/browse/AMDATU-181?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Ivo Ladage - van Doorn resolved AMDATU-181.
-------------------------------------------

    Resolution: Fixed

Done. Stuff that remain to be done but covere- The service consumer registry is 
not yet persistent. For the moment it stores the service consumers in memory. 
(AMDATU-201)
- The authorization token part of the process is currently a micky mouse 
example. By simply posting a form holding the userid, a request token can be 
authorized for that user id. This needs to be connected to the Amdatu login 
service, or even to a pluggable login service. (AMDATU-202)
- Provide external REST service to validate OAuth messages and retrieve context 
information like userid and consumer key (AMDATU-203)
- Finalize REST API for CRUD operations on service consumers (add HTTP caching 
headers and authorization)(AMDATU-204)
- Support two-legged oAuth (AMDATU-182)
- Disable oAuth (server-side) in Shindig bundle (AMDATU-205)
- Explore the possibilities to add additional information to the oAuth tokens, 
like a tenant id.

> Split off oAuth as separate bundle (currently it is contained by the Shindig 
> bundle)
> ------------------------------------------------------------------------------------
>
>                 Key: AMDATU-181
>                 URL: http://jira.amdatu.org/jira/browse/AMDATU-181
>             Project: Amdatu
>          Issue Type: Task
>          Components: Amdatu Authentication - oAuth
>    Affects Versions: 0.1.0
>            Reporter: Ivo Ladage - van Doorn
>            Assignee: Ivo Ladage - van Doorn
>             Fix For: 0.1.0
>
>
> The oAuth servlet (and service in the future) should be moved to a separate 
> oAuth bundle. Currently it is embedded in the Shindig service. This should 
> facilitate the use of the oAuth standard for authentication without the need 
> of having the whole Shindig container deployed.
> Note that it would be even better to split off oAuth support from the Shindig 
> implementation completely, such that it can be moved to the web project for 
> example without any opensocial/shindig dependencies. However, the current 
> oAuth implementation embedded in Shindig off course depends on many Shindig 
> specific classes, so that wouldn't be easy without embedding certain shindig 
> libraries. An alternative approach could be to use a different oAuth library 
> for oAuth support, for example net.oauth or Scribe.

-- 
This message is automatically generated by JIRA.
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

Reply via email to