I'm curious if anyone has thought about or implemented an oauth based authentication mechanism in the controller. I've thought about replacing the subject authentication with oauth and think it would not be a lot of work to do although it does have some wider implications.
-r
