[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

[Aerogear-dev] Security development ideas

Hi folks,

I would like to have some feedback and new ideas about the best approach to improve mobile authentication/authorization from client to server side.

This week I was digging into DS source code to see how we could provide authentication to REST resources, DS seems to be a promising project but currently in embryonic phase (I guess). So, some of the interesting parts like JaasAuthenticator and Idm integration with PicketBox are missing or don't have examples/unit tests (https://github.com/DeltaSpike/Mirror/tree/master/deltaspike/modules/security), of course that's open source and we can contribute, I'm just worried about timeframe.

I started to write 3 functional requirements to our project with Jay's review (with our basic needs - https://issues.jboss.org/browse/AEROGEAR-7) and then I wrote some thoughts https://github.com/abstractj/aerogear-security/tree/jaas do decouple authentication from MVC (it's just an idea and not a final solution)

I would like to hear suggestions/feedback about it, if somebody know a better way to move forward put your ideas on the table please.

- Bruno

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]