Hi guys,
I'm happy as I should have some time to work again on Syncope next week
(and the following weeks ;)).
I have some ideas that I would like to share and discuss with you.
Please, correct me if I'm wrong, if the ideas are stupid, or already done ;)
1/ Provide a Karaf LoginModule for Syncope and a Karaf feature
We already discussed of that in the past. It doesn't change the Syncope
codebase itself, it's just an addition on the Karaf side.
The first thing is to provide a SyncopeLoginModule in Karaf allowing to
delegate the user backend to Syncope. Currently, Karaf provides
PropertiesLoginModule (the username/password are stored in the simple
properties file), LDAPLoginModule, JDBCLoginModule, and OSGiLoginModule.
Thanks to the SyncopeLoginModule, the users just delegate the Karaf
container JAAS realm backend to Syncope, who manages its own backend
(LDAP, etc).
On the other hand, I will provide a Karaf feature to be able to easily
install Syncope directly in Karaf.
2/ OAuth2 Service Provider feature
More and more companies want to provide an "internal" oauth2 service
provider (instead of using "public" one like amazon, bitbucket, etc).
What do you think to add an optional feature to Syncope to turn Syncope
as an OAuth2 Service Provider ?
3/ CXF authentication ready to use feature
Right now, we can use Syncope with CXF by implementing an interceptor
delegating to the Syncope REST API.
It's not really straight forward for the user as it requires to write
some kind of plumbing code.
I think it could be helpful to provide a ready to use "CXF feature"
providing the interceptor that we can configure (the location of the
Syncope instance, etc).
Maybe it makes more sense to add this on the CXF part more than on the
Syncope side, but, anyway, it could be very helpful for the users.
WDYT ?
Thanks,
Regards
JB
--
Jean-Baptiste Onofré
jbono...@apache.org
http://blog.nanthrax.net
Talend - http://www.talend.com