[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [Aerogear-dev] AeroGear Security - call for participation



Hey,

thanks for the quick response. Useful information;

What do you think about including parts of it into your spec/draft?
I think it makes reading a bit easier;

thx!
Matthias

On Sat, Jul 28, 2012 at 3:53 PM, Bruno Oliveira <bruno abstractj org> wrote:
> Hi Matthias, thanks for your review, answers inline.
>
> On Saturday, July 28, 2012 at 7:35 AM, Matthias Wessendorf wrote:
>
> hi,
>
> a few minor comments after giving it a quick shot:
>
> 1) The REST resources will be generated to provide the basics for
> authentication.
>
> ==> IMO basic(s) is a bit confusing when talking about auth (e.g.
> application basic...), perhaps writing 'foundation' or so?
> ==> what will generate the resources ?
>
> I've been planning to provide the minimal endpoints to authentication,
> aerogear-security aims to have the integration with providers like
> DeltaSpike and PicketLink.
>
> Generate means something like a forge plugin or maven plugin something to
> get rid of an complex configuration files. Aerogear-security must deal with
> the complexity, but not our developers, that's the idea.
>
>
>
> 2) aerogear.auth
> 'This attribute is optional and if not present the default REST
> authentication method will be assumed.'
> ==> 'default REST authentication' <== what does that actually mean?
>
> Perhaps a link to some other document,
> for background infos?
>
> The endpoints provided by aerogear-security, but if you want to have an idea
> about what I've been planning take a look at the external references, please
> https://github.com/plataformatec/devise/
>
>
> 3) aerogear.auth.register
> the diagram says 'signup'; perhaps using one term across
> documents/diagrams does not hurt!
>
> Indeed. I didn't get a chance to update the pictures and I assume that
> people will truly understand what it means, I'll do it to the next week.
>
> - Bruno
>
>
> (I guess that applies to login/signin etc as well)
>
> -M
>
>
> On Sat, Jul 28, 2012 at 12:11 AM, Bruno Oliveira <bruno abstractj org>
> wrote:
>
> Hi folks,
>
> We've been discussing a lot about security on the server side this week and
> I would like to hear some feedback about the document below before going
> into more specific implementation details.
>
> http://aerogear.abstractj.org/docs/AeroGearSecurity.html
>
> Have a nice reading! :)
> --
> "The measure of a man is what he does with power" - Plato
> -
> @abstractj
> -
> Volenti Nihil Difficile
>
> _______________________________________________
> aerogear-dev mailing list
> aerogear-dev redhat com
> https://www.redhat.com/mailman/listinfo/aerogear-dev
>
>
>
>
> --
> Matthias Wessendorf
>
> blog: http://matthiaswessendorf.wordpress.com/
> sessions: http://www.slideshare.net/mwessendorf
> twitter: http://twitter.com/mwessendorf
>
>



-- 
Matthias Wessendorf

blog: http://matthiaswessendorf.wordpress.com/
sessions: http://www.slideshare.net/mwessendorf
twitter: http://twitter.com/mwessendorf


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]