[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [Aerogear-dev] AeroGear Security - call for participation



Thank you Matthias, I did the updates with the new images and that information, please refresh the url.

Let me know if you have more questions.


-- 
"The measure of a man is what he does with power" - Plato
-
@abstractj
-
Volenti Nihil Difficile

On Saturday, July 28, 2012 at 11:18 AM, Matthias Wessendorf wrote:

Hey,

thanks for the quick response. Useful information;

What do you think about including parts of it into your spec/draft?
I think it makes reading a bit easier;

thx!
Matthias

On Sat, Jul 28, 2012 at 3:53 PM, Bruno Oliveira <bruno abstractj org> wrote:
Hi Matthias, thanks for your review, answers inline.

On Saturday, July 28, 2012 at 7:35 AM, Matthias Wessendorf wrote:

hi,

a few minor comments after giving it a quick shot:

1) The REST resources will be generated to provide the basics for
authentication.

==> IMO basic(s) is a bit confusing when talking about auth (e.g.
application basic...), perhaps writing 'foundation' or so?
==> what will generate the resources ?

I've been planning to provide the minimal endpoints to authentication,
aerogear-security aims to have the integration with providers like
DeltaSpike and PicketLink.

Generate means something like a forge plugin or maven plugin something to
get rid of an complex configuration files. Aerogear-security must deal with
the complexity, but not our developers, that's the idea.



2) aerogear.auth
'This attribute is optional and if not present the default REST
authentication method will be assumed.'
==> 'default REST authentication' <== what does that actually mean?

Perhaps a link to some other document,
for background infos?

The endpoints provided by aerogear-security, but if you want to have an idea
about what I've been planning take a look at the external references, please


3) aerogear.auth.register
the diagram says 'signup'; perhaps using one term across
documents/diagrams does not hurt!

Indeed. I didn't get a chance to update the pictures and I assume that
people will truly understand what it means, I'll do it to the next week.

- Bruno


(I guess that applies to login/signin etc as well)

-M


On Sat, Jul 28, 2012 at 12:11 AM, Bruno Oliveira <bruno abstractj org>
wrote:

Hi folks,

We've been discussing a lot about security on the server side this week and
I would like to hear some feedback about the document below before going
into more specific implementation details.


Have a nice reading! :)
--
"The measure of a man is what he does with power" - Plato
-
@abstractj
-
Volenti Nihil Difficile

_______________________________________________
aerogear-dev mailing list




--
Matthias Wessendorf




--
Matthias Wessendorf

blog: http://matthiaswessendorf.wordpress.com/
sessions: http://www.slideshare.net/mwessendorf
twitter: http://twitter.com/mwessendorf


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]