I would like start coding OAuth support finally and I have some questions regarding that:
1. We agreed to use OAuth 1.0 spec, I assume to use: http://tools.ietf.org/html/draft-hammer-oauth-10 as is suggested in: http://oauth.net/core/1.0a/. WDYT? 2. There are existing Java OAuth libraries. I am wondering if we could use one of them. From one hand maybe it is not good idea to make cxf dependent on such library, but on the other it's already tested and used by developers (mainly I mean Scribe lib). I can write own implementation, just let me know what is your opinion. My asf account is ready and Daniel suggested to create branch at cxf sandbox, I will do so and commit all my changes there. Btw. Last days I was at OAuth 2.0 F2F meeting and there appear about hundred new issues (major and trivial as well), so I suppose it's too hot for implementation:). Cheers, Lukasz Moren
