I've extended the user management demo at http://gaeshiro.appspot.com <http://gaeshiro.appspot.com> to include OAuth authorization with Google and Facebook. Adding other OAuth sites would be simple. The site contains a pointer to the Github code.
For consumer-facing sites its attractive to provide "social" logins as users don't have to think of, and register, yet another password. I haven't been able to get it to work (for Google at least) in the same way as Shiro. In particular if your browser is logged in you don't have to enter a password, and its hard to re-authenticate (no password is required). I'm not sure if I'm missing something or if OAuth is not really meant for authentication. I tried the Buji Oauth <https://github.com/bujiio/buji-oauth> library but, and I'm open to correction, what I want to do would have taken more code than my thin layer on top of the scribe <https://github.com/fernandezpablo85/scribe-java> library, which I also had to work around. If anyone has a better idea of how to use OAuth for authentication I'd be grateful for some pointers. Tim -- View this message in context: http://shiro-user.582556.n2.nabble.com/OAuth-demo-tp7577850.html Sent from the Shiro User mailing list archive at Nabble.com.
