roller-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "David Johnson (JIRA)" <j...@apache.org>
Subject [jira] Updated: (ROL-1798) Support for OAuth authentication for AtomPub and other resources
Date Fri, 13 Mar 2009 21:13:07 GMT

     [ https://issues.apache.org/roller/browse/ROL-1798?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

David Johnson updated ROL-1798:
-------------------------------

    Description: 
Add support for OAuth authentication, supporting these requirements:

a) - Support for three standard OAuth URIs
  1) - request token URI
  2) - authorization URI, presents authorization page if appropriate
  3) - access token servlet URI

b) - Support for OAuth authentication in AtomPub servlet

c) - Ability to enable and disable AtomPut from Server Admin page

d) - Ability to choose either OAuth, BASIC, WSSE or  authentication for AtomPub

e) - Addition of an OAuth page that appears when OAuth is enabled
   1) allows users to access the key and secret they need to authorized AtomPub clients
   2) allows admins to access the site-wide key and secret needed to authorize 3rd party sites


The implementation creates these new tables:

    -- each record is an OAuth consumer key and secret, can be tied to just one user
   create table rol_oauthconsumer (
      consumerkey varchar(48) not null primary key,
      consumersecret varchar(48) not null,
      username varchar(48)
  );
  create index oc_username_idx  on rol_oauthconsumer( username$!db.INDEXSIZE );
  create index oc_consumerkey_idx  on rol_oauthconsumer( consumerkey$!db.INDEXSIZE );

  -- each record is an OAuth accessor, always tied to just one user
  create table rol_oauthaccessor (
      consumerkey varchar(48) not null primary key,
      requesttoken varchar(48),
      accesstoken varchar(48),
      tokensecret varchar(48),
      created $db.TIMESTAMP_SQL_TYPE not null,
      updated $db.TIMESTAMP_SQL_TYPE not null,
      username varchar(48) not null,
      authorized $db.BOOLEAN_SQL_TYPE_FALSE
  );
  create index oa_consumerkey_idx  on rol_oauthaccessor( consumerkey$!db.INDEXSIZE );

The implementation adds these new jars:
    commons-httpclient-3.1.jar
    httpclient-4.0-beta1.jar
    httpcore-4.0-beta2.jar
    oauth-core-20090121.jar


  was:
Add support for OAuth authentication, supporting these requirements:

a) - Support for three standard OAuth URIs
  1) - request token URI
  2) - authorization URI, presents authorization page if appropriate
  3) - access token servlet URI

b) - Support for OAuth authentication in AtomPub servlet

c) - Ability to enable and disable AtomPut from Server Admin page

d) - Ability to choose either OAuth, BASIC, WSSE or  authentication for AtomPub

e) - Addition of an OAuth page that appears when OAuth is enabled
   1) allows users to access the key and secret they need to authorized AtomPub clients
   2) allows admins to access the site-wide key and secret needed to authorize 3rd party sites




> Support for OAuth authentication for AtomPub and other resources
> ----------------------------------------------------------------
>
>                 Key: ROL-1798
>                 URL: https://issues.apache.org/roller/browse/ROL-1798
>             Project: Roller
>          Issue Type: New Feature
>          Components: Authentication, Roles and Access Controls
>            Reporter: David Johnson
>            Assignee: David Johnson
>             Fix For: 5.0
>
>         Attachments: OAuth authorize.jpg, OAuth credentials page.jpg, OAuth creds link.jpg,
OAuth enable.jpg, rol1798-20090313.patch
>
>
> Add support for OAuth authentication, supporting these requirements:
> a) - Support for three standard OAuth URIs
>   1) - request token URI
>   2) - authorization URI, presents authorization page if appropriate
>   3) - access token servlet URI
> b) - Support for OAuth authentication in AtomPub servlet
> c) - Ability to enable and disable AtomPut from Server Admin page
> d) - Ability to choose either OAuth, BASIC, WSSE or  authentication for AtomPub
> e) - Addition of an OAuth page that appears when OAuth is enabled
>    1) allows users to access the key and secret they need to authorized AtomPub clients
>    2) allows admins to access the site-wide key and secret needed to authorize 3rd party
sites
> The implementation creates these new tables:
>     -- each record is an OAuth consumer key and secret, can be tied to just one user
>    create table rol_oauthconsumer (
>       consumerkey varchar(48) not null primary key,
>       consumersecret varchar(48) not null,
>       username varchar(48)
>   );
>   create index oc_username_idx  on rol_oauthconsumer( username$!db.INDEXSIZE );
>   create index oc_consumerkey_idx  on rol_oauthconsumer( consumerkey$!db.INDEXSIZE );
>   -- each record is an OAuth accessor, always tied to just one user
>   create table rol_oauthaccessor (
>       consumerkey varchar(48) not null primary key,
>       requesttoken varchar(48),
>       accesstoken varchar(48),
>       tokensecret varchar(48),
>       created $db.TIMESTAMP_SQL_TYPE not null,
>       updated $db.TIMESTAMP_SQL_TYPE not null,
>       username varchar(48) not null,
>       authorized $db.BOOLEAN_SQL_TYPE_FALSE
>   );
>   create index oa_consumerkey_idx  on rol_oauthaccessor( consumerkey$!db.INDEXSIZE );
> The implementation adds these new jars:
>     commons-httpclient-3.1.jar
>     httpclient-4.0-beta1.jar
>     httpcore-4.0-beta2.jar
>     oauth-core-20090121.jar

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message