Enterprise OAuth2 Server in place of UAA.

Skip to first unread message

Angelo Albanese

Sep 11, 2014, 11:09:20 AM9/11/14
to vcap...@cloudfoundry.org
Dear all, 
as per my understanding ( and https://github.com/cloudfoundry/uaa  wiki )  UAA main purpose is to act as OAuth2 provider.
Does anyone in the community tried to replace UAA with another OAuth2 Server, like it could be an existing Enterprise OAuth server ?
I am really curious to understand if  there is any additional capability that UAA is exponsing to other CF internals components that could be destroyed by migrating to a pure OAuth2 provider.

Thx a lot

Mike Youngstrom

Sep 11, 2014, 11:22:19 AM9/11/14
to vcap...@cloudfoundry.org
I don't believe you can replace UAA with another OAuth2 server since I understand OAuth2 isn't the most strict of standards.  However, it seems it should be possible to federate UAA with another oauth server.  Though I haven't looked into exactly how to go about doing that.

Our enterprise is about to deploy an OpenAM OAuth2 server and we'll have the same need to access enterprise OAuth2 protected resources with a user's UAA token so I'm interested in seeing the responses.


You received this message because you are subscribed to the Google Groups "Cloud Foundry Developers" group.
To view this discussion on the web visit https://groups.google.com/a/cloudfoundry.org/d/msgid/vcap-dev/304077fe-ddb2-4697-90ae-af43b8a4530f%40cloudfoundry.org.

To unsubscribe from this group and stop receiving emails from it, send an email to vcap-dev+u...@cloudfoundry.org.

Filip Hanik

Sep 13, 2014, 10:15:51 AM9/13/14
to vcap...@cloudfoundry.org
this feature would take a little thinking time. it may be easier than it seems. 

Reply all
Reply to author
0 new messages