All, I picked an OAuth module at random ([1]) and tried it with the current JASPIC implementation. The good news is that it worked.
However, that project only provides the ServerAuthModule. That means there is no AuthConfigProvider, ServerAuthConfig or ServerAuthContext. I have thrown together some simple implementations to test the module. What I intend to do next is make them more robust so they can be added to Tomcat's JASPIC implementation. The general idea is that with the right entries in jaspic-providers.xml, you will be able to configure a web application to use JASPIC and any ServerAuthModule of your choice. I might try and extend support to multiple modules. It depends how tricky it gets. For more complex requirements, users always have the option of extending the basic ones Tomcat provides or writing their own. I also still need to document all this. Mark [1] https://github.com/phillipgreenii/google-oauth-2.0-serverauthmodule --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
