On 17 March 2014 10:58, Dileepa Jayakody <dileepajayak...@gmail.com> wrote:
> Hi All, > > Does Isis support OAuth2? > In my application I require my users to authorize the webapp to connect to > the user's mailbox(gmail). And I intend to use OAuth2. > > Does Isis authorization support OAuth2 consumer profile? Since Isis uses > Apache Shiro as the security framework, I assume OAuth2 is inherently > supported? > >From a quick google, it seems to me that oauth2 is supported by shiro only through third-party extensions, see for example this thread [1] and referenced github repo [2] So I suspect that the Shiro config within an Isis application could indeed be setup to support oauth2, but it would need to bring in some additional dependencies and require some additional configuration (eg in shiro.ini, pom.xml, web.xml etc etc). oauth integration was one of the other GSOC (sub)projects I suggested [3]; it would be a great thing for you to contribute as a first deliverable of your GSOC project. Dan [1] http://shiro-developer.582600.n2.nabble.com/Add-OAuth-support-for-Shiro-td7240738.html [2] https://github.com/bujiio/buji-pac4j [3] https://issues.apache.org/jira/browse/ISIS-739 > > > Thanks, > Dileepa >