[jira] Commented: (SHIRO-119) Oauth support

Sat, 12 Feb 2011 22:09:26 -0800 

    [ 
https://issues.apache.org/jira/browse/SHIRO-119?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12994017#comment-12994017
 ] 

Kalle Korhonen commented on SHIRO-119:
--------------------------------------

Took an initial look at it. Thanks Jared, good job putting together a complete 
draft implementation. There's a lot of leeway in implementing an Oauth realm 
for a resource server and undoubtedly some new interfaces, like 
OAuthTokenInfoSource is needed. Several iterations are probably needed to make 
really reusable and generically useful. The IniOauthRealm is more of an example 
than production code, I might just use it in an integration test rather than 
package it up into a distributable jar. I'd also like to see end-to-end 
integration tests for this, but several other pieces are needed. Currently 
there are not tests at all so there's no way we can just drop it into Shiro 
source tree as is. Usage of Shiro interfaces is fairly limited, so it doesn't 
need to be building together with latest Shiro trunk either. I'm thinking that 
right place for this is therefore http://www.apache-extras.org. That would also 
make it easier for Jared to directly commit improvements and additions. I can 
create a project for this there. I'm certainly interested in this topic as a 
whole but I don't have a direct use case for Oauth resource and authorization 
server right now (though I'm currently implementing and using other aspects of 
Oauth) so might be a bit slow from my part, at least initially. What do you 
think Jared?

> Oauth support
> -------------
>
>                 Key: SHIRO-119
>                 URL: https://issues.apache.org/jira/browse/SHIRO-119
>             Project: Shiro
>          Issue Type: New Feature
>            Reporter: Jason Eacott
>            Assignee: Kalle Korhonen
>         Attachments: shiro-oauth.patch
>
>
> Create support for OAuth provider  support 'out of the box'. 
> This could involve a standalone provider webapp with some flexible mechanism 
> for data storage, and/or remote data retrieval & management,
> and a customisable way to integrate application/transport specific OAuth 
> based authentication with Shiro (HTTP/XMPP etc).

-- 
This message is automatically generated by JIRA.
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

Reply via email to