Hi, I tried to explain that even if authentication happens in OAuth protocol, it's not the target, the main objective is to allow an application to access authorized user data.
And the main advantage I see in buji-oauth is the fact that you get a profile for the authorized user. But you're right, there is no common profile, it's a lack. I'm open to suggestion, improvment and opinion : this common profile is a good idea. The buji-oauth library is based on scribe-up : https://github.com/leleuj/scribe-up. I'm going to release soon the 1.2.0 version, but I'll put that in my roadmap for 1.3.0. About the implementation effort, I'm almost upset ;-) I thought it was simple to use the buji-oauth library : define a provider, define a filter, define a realm and define the security of the application : https://github.com/bujiio/buji-oauth/wiki/configuration. What did you expect to be easier ? Thanks, Jérôme -- View this message in context: http://shiro-user.582556.n2.nabble.com/OAuth-demo-tp7577850p7577854.html Sent from the Shiro User mailing list archive at Nabble.com.
