Re: [OAUTH-WG] Authorization Server
Buhake Sindi <buhake@googlemail.com> Fri, 18 July 2014 00:12 UTC
Return-Path: <buhake@googlemail.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6DB9E1A00E2 for <oauth@ietfa.amsl.com>; Thu, 17 Jul 2014 17:12:43 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.521
X-Spam-Level:
X-Spam-Status: No, score=0.521 tagged_above=-999 required=5 tests=[BAYES_20=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FM_FORGED_GMAIL=0.622, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bt7QZ5cHkKJ8 for <oauth@ietfa.amsl.com>; Thu, 17 Jul 2014 17:12:42 -0700 (PDT)
Received: from mail-wi0-x231.google.com (mail-wi0-x231.google.com [IPv6:2a00:1450:400c:c05::231]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A182A1A00DF for <oauth@ietf.org>; Thu, 17 Jul 2014 17:12:41 -0700 (PDT)
Received: by mail-wi0-f177.google.com with SMTP id ho1so6602wib.16 for <oauth@ietf.org>; Thu, 17 Jul 2014 17:12:40 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=20120113; h=from:references:in-reply-to:mime-version:content-transfer-encoding :content-type:message-id:cc:subject:date:to; bh=5kY2SprLgEPRJsYmPuKZ7QXUePAizW2SWRFrWCFSGEQ=; b=xjZcdmATK4OdUMt4vpkhWb1SlLrTZ8NFQI2GLd98eSgKWL8/iGjC59DR1PBu9xBCXy yoeDafFiCm7B1CnB0la8XeM/WMXi6QHKjawPLdQy6phEI/ZL3ff6v8OFrp/ahmHHNcEF MZ1Fq2IqTHtILk7FmytStrMnhVC2yA77j9yKyqPYX91F4I/zP7YVG01QVTsf8ZAHnIsy LR219xMw01An3WTJenIDDune2jBqJJAvjqt1y2SSNfChA3CJfDXWHVnaBAOiCPIL24Ct 5MiiyPL0+IzbkDnFBT77u1v4Our93fJRkST/nnr+bhQ9TReqqoasRjxyXU9NXItThlsw lEsg==
X-Received: by 10.194.59.49 with SMTP id w17mr818461wjq.135.1405642360003; Thu, 17 Jul 2014 17:12:40 -0700 (PDT)
Received: from [192.168.0.102] ([41.151.146.144]) by mx.google.com with ESMTPSA id fs3sm121973wic.20.2014.07.17.17.12.38 for <multiple recipients> (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Thu, 17 Jul 2014 17:12:38 -0700 (PDT)
From: Buhake Sindi <buhake@googlemail.com>
X-Google-Original-From: Buhake Sindi <buhake@gmail.com>
References: <CAH59oZfZbKopao1aFs+kTaEg_5fQXVWBFnRPaFLWmk1Fd6BG7Q@mail.gmail.com>
In-Reply-To: <CAH59oZfZbKopao1aFs+kTaEg_5fQXVWBFnRPaFLWmk1Fd6BG7Q@mail.gmail.com>
Mime-Version: 1.0 (1.0)
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="us-ascii"
Message-Id: <25A4CB78-88B7-45D7-B5E1-C25734BDAF59@gmail.com>
X-Mailer: iPad Mail (9B206)
Date: Fri, 18 Jul 2014 02:12:40 +0200
To: Richard Snowden <richard.t.snowden@gmail.com>
Archived-At: http://mailarchive.ietf.org/arch/msg/oauth/jX1BPpuUyY3LN98SxUT8iqm1foM
Cc: "oauth@ietf.org" <oauth@ietf.org>
Subject: Re: [OAUTH-WG] Authorization Server
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 18 Jul 2014 00:12:43 -0000
Hi Richard, I had the same dilemma. Most write their own Authorization server. Pretty soon, once I complete it officially, my company will release a Java library to configure an OAuth Authorization server (as many have written me emails requesting of such library). I don't know if there is an existing one yet, probably Spring Framework has? Kind Regards, Buhake Sindi www.sindi.co.za On 17 Jul 2014, at 10:47, Richard Snowden <richard.t.snowden@gmail.com> wrote: > Hi there, > > after viewing some tutorials and running some samples code I understood the client side of OAuth 2.0. > > Using existing Authorization Server seems to be not too complicated. > > Question is: How to implement my own Authorization Server? > > Since many companies have their own User/Privilege system, LDAP based (e.g. Active Directory), etc. - they must have their own Authorization Server. > > Is there a framework, libraries, etc. for that? Or do I have to write the code from scratch? > > cheers, > Richard > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth
- [OAUTH-WG] Authorization Server Richard Snowden
- Re: [OAUTH-WG] Authorization Server Buhake Sindi
- Re: [OAUTH-WG] Authorization Server Justin Richer