Le 13 janv. 2017 14:44, "Sergey Beryozkin" <sberyoz...@gmail.com> a écrit :
that makes sense, supporting the authorization code can be optional, note
the providers can support only all non-redirection based grants or the code
grants too, ex, JCacheOAuthDataProvider and JCacheCodeDataProvider.
I suppose the real challenge is how to auth the users (OAuth2 clients) at
the /token level. For ex, in Fediz OIDC we'd connect to Syncope via CXF
STS, with Syncope covering all the possible user storages.
Wonder if being in tomcat we cant reuse the realm/principal to have a local
user repository/ies. Would make it easier to setup and allow to reuse a lot
On 13/01/17 13:05, Romain Manni-Bucau wrote:
> Hi Sergey
> Le 13 janv. 2017 12:25, "Sergey Beryozkin" <sberyoz...@gmail.com> a écrit
> Hi Romain
> Thanks for sharing the links, looks interesting.
> How do you plan to support the authorization_code grants ?
> Not yet checked but guess we ll add the endpoints and probably a flag to
> activate it or not.
> What do you see as more challenging then /token?
> Cheers, Sergey
> On 12/01/17 16:19, Romain Manni-Bucau wrote:
> Hi guys,
>> Apache Meecrowave (sub project of OpenWebBeans) got some days ago an
>> experimental oauth2 module. It is "just" CXF oauth2 code setup as a
>> and not a library.
>> I see it as an opportunity to make our both communities working more
>> closely, enhancing this feature to make it as close as possible as the
>> customers/users needs.
>> The snapshot doc (which is for now very light and mainly generated) is
>> available at
>> Don't heistate to let us know what you think about it.
>> PS: for people not reading docs here is the right url
>> Romain Manni-Bucau
>> @rmannibucau <https://twitter.com/rmannibucau> | Blog
>> <https://blog-rmannibucau.rhcloud.com> | Old Blog
>> <http://rmannibucau.wordpress.com> | Github <
>> u> |
>> LinkedIn <https://www.linkedin.com/in/rmannibucau> | JavaEE Factory
Talend Community Coders