Hi Dan, Thanks for your input. Yes I feel OAuth integration is a common requirement for web-applications nowadays and it could be done within the GSOC project. Can you please link that as sub-task under ISIS-736<https://issues.apache.org/jira/browse/ISIS-736> ?
Can I presume you are ok with my application ReputationBox as the sample "real-life" application for the ISIS-736 GSOC project? Thanks, Dileepa On Mon, Mar 17, 2014 at 5:03 PM, Dan Haywood <[email protected]>wrote: > On 17 March 2014 10:58, Dileepa Jayakody <[email protected]> > wrote: > > > Hi All, > > > > Does Isis support OAuth2? > > In my application I require my users to authorize the webapp to connect > to > > the user's mailbox(gmail). And I intend to use OAuth2. > > > > Does Isis authorization support OAuth2 consumer profile? Since Isis uses > > Apache Shiro as the security framework, I assume OAuth2 is inherently > > supported? > > > > From a quick google, it seems to me that oauth2 is supported by shiro only > through third-party extensions, see for example this thread [1] and > referenced github repo [2] > > So I suspect that the Shiro config within an Isis application could indeed > be setup to support oauth2, but it would need to bring in some additional > dependencies and require some additional configuration (eg in shiro.ini, > pom.xml, web.xml etc etc). > > oauth integration was one of the other GSOC (sub)projects I suggested [3]; > it would be a great thing for you to contribute as a first deliverable of > your GSOC project. > > Dan > > > [1] > > http://shiro-developer.582600.n2.nabble.com/Add-OAuth-support-for-Shiro-td7240738.html > [2] https://github.com/bujiio/buji-pac4j > [3] https://issues.apache.org/jira/browse/ISIS-739 > > > > > > > > Thanks, > > Dileepa > > >
