Apache Logo
The Apache Way Contribute ASF Sponsors

This was extracted (@ 2017-10-16 20:10) from a list of minutes which have been approved by the Board.
Please Note The Board typically approves the minutes of the previous meeting at the beginning of every Board meeting; therefore, the list below does not normally contain details from the minutes of the most recent Board meeting.

2017 | 2016 | 2015 | 2014 | 2013 | 2012 | 2011 | 2010 | 2009 | 2008 | 2007 | 2006 | 2005 | 2004 | 2003 | 2002 | 2001 | 2000 | 1999 | Pre-organization meetings

Oltu

20 Sep 2017 [Antonio Sanso / Phil]

Report was filed, but display is awaiting the approval of the Board minutes.

16 Aug 2017 [Antonio Sanso / Mark]

No report was submitted.

@Mark: pursue a report for Oltu

19 Jul 2017 [Antonio Sanso / Rich]

Oltu is a project to develop a Java library which provides an API
specification for, and an unconditionally compliant implementation of the
OAuth v2.0 specifications. OAuth is a mechanism that allows users to
authenticate and authorize access by another party to resources they control
while avoiding the need to share their username and password credentials.

MILESTONES

Apache Oltu 1.0 was released on March 3rd 2014.

Release Apache Oltu Auth2 JWT 1.0.3 on 13/02/2017


CURRENT ACTIVITY

The activity of the project is really really low. One of the reason is also
due the fact OAuth is a protocol that is pretty stable. The other reason is
that the team members that are active are busy/demotivated.

Said that lately we had an issue with the Jenkins build that have been sorted
out after few days. We release last module in February 2017.

In the last report in February some problem has been highlighted:

The last few months it has been awfully quiet (this might also be due the fact
the OAuth spec is stable). But not only, since we have some patches laying
around for a while

The release has not been finished. It seems some of the artifacts are not
synched correctly in https://www.apache.org/dist/oltu

The builds keep failing

As far as I know 2. and 3. are resolved now. But 1. still persists.

I proposed to bring new blood in the PMC by rotating the Chair position but no
one seemed to be interested.


COMMUNITY

Last new addition tot the team are 2 PMC members: Stein Welberg and Jasha
Joachimsthal in June 2016  (13/06/2016)


ISSUES

There are no issues requiring board attention at this time.

21 Jun 2017 [Antonio Sanso / Bertrand]

No report was submitted.

17 May 2017 [Antonio Sanso / Mark]

No report was submitted.

27 Feb 2017 [Antonio Sanso / Bertrand]

Oltu is a project to develop a Java library which provides an API
specification for, and an unconditionally compliant implementation of the
OAuth v2.0 specifications. OAuth is a mechanism that allows users to
authenticate and authorise access by another party to resources they control
while avoiding the need to share their username and password credentials.

MILESTONES

Apache Oltu 1.0 was released on March 3rd 2014.

Apache Oltu Oauth2 module version 1.0.2 was released June 20th 2016.

Apache Oltu Parent v4 was released June 20th 2016.


CURRENT ACTIVITY

The core part of the project related to 'The OAuth 2.0 Authorization
Framework' (RFC 6749) is pretty stable due the fact RFC 6749 is now a
standard. A stable version 1.0 was released on March 3rd 2014 and some minor
releases are going out regularly for bug fixing. Updated modules contained bug
fixing were released June 20th 2016 . Vote for releasing JWT 1.0.3 is in
progress.

At the moment we are working on JSON Web Encryption support ( OLTU-80 -
Implement JWE support for JWT IN PROGRESS ).
In a recent mail thread in private@ some important things have been pointed
out:

The last few months it has been awfully quiet (this might also be due the fact
the OAuth spec is stable). But not only, since we have some patches laying
around for a while

The release has not been finished. It seems some of the artifacts are not
synched correctly in https://www.apache.org/dist/oltu

The builds keep failing

One of the outcome was that embracing the Apache way of having new blood from
time to time we are going to rotate the VP for the project. Hence I proposed
to step down from my role of chair. Unluckily at the moment nobody seems to be
keen  to take this responsibility. For this reason I will keep my role of
chair for now.


COMMUNITY


We have voted two new PMC members: Stein Welberg and Jasha Joachimsthal in
June 2016   (13/06/2016)


ISSUES

There are no issues requiring board attention at this time.

16 Nov 2016 [Antonio Sanso / Shane]

Oltu is a project to develop a Java library which provides an API
specification for, and an unconditionally compliant implementation of the
OAuth v2.0 specifications. OAuth is a mechanism that allows users to
authenticate and authorise access by another party to resources they control
while avoiding the need to share their username and password credentials.

MILESTONES

Apache Oltu 1.0 was released on March 3rd 2014. Apache Oltu Oauth2 module
version 1.0.2 was released June 20th 2016. Apache Oltu Parent v4 was released
June 20th 2016.

CURRENT ACTIVITY

The core part of the project related to 'The OAuth 2.0 Authorization
Framework' (RFC 6749) is pretty stable due the fact RFC 6749 is now a
standard. A stable version 1.0 was released on March 3rd 2014 and some minor
releases are going out regularly for bug fixing. Updated modules contained bug
fixing were released June 20th 2016 . At the moment we are working on JSON Web
Encryption support ( OLTU-80 - Implement JWE support for JWT IN PROGRESS ).
In a recent mail thread in private@ some important things have been pointed
out: The last few months it has been awfully quiet (this might also be due the
fact the OAuth spec is stable). But not only, since we have some patches
laying around for a while The release has not been finished. It seems some of
the artifacts are not synched correctly in https://www.apache.org/dist/oltu
The builds keep failing
One of the outcome was that embracing the Apache way of having new blood from
time to time we are going to rotate the VP for the project.

COMMUNITY

We have voted two new PMC members: Stein Welberg and Jasha Joachimsthal in
June 2016   (13/06/2016)

ISSUES

There are no issues requiring board attention at this time.

17 Aug 2016 [Antonio Sanso / Chris]

Oltu is a project to develop a Java library which provides an API
specification for, and an unconditionally compliant implementation of the
OAuth v2.0 specifications. OAuth is a mechanism that allows users to
authenticate and authorise access by another party to resources they control
while avoiding the need to share their username and password credentials.

MILESTONES

Apache Oltu 1.0 was released on March 3rd 2014.

Apache Oltu Oauth2 module version 1.0.2 was released June 20th 2016.

Apache Oltu Parent v4 was released June 20th 2016.

CURRENT ACTIVITY

The core part of the project related to 'The OAuth 2.0 Authorization
Framework' (RFC 6749) is pretty stable due the fact RFC 6749 is now a
standard. A stable version 1.0 was released on March 3rd 2014 and some minor
releases are going out regularly for bug fixing. Updated modules contained bug
fixing were released June 20th 2016 . At the moment we are working on JSON Web
Encryption support (  OLTU-80 - Implement JWE support for JWT In Progress ).
Users activity is growing slowly but steadily (the user@ mailing list has got
new messages from new users). Lately we have been fixing a bunch of users
reported issues hence the new  release.

COMMUNITY

We have voted two new PMC members: Stein Welberg and Jasha Joachimsthal in
June 2016   (13/06/2016)

ISSUES

There are no issues requiring board attention at this time.

18 May 2016 [Antonio Sanso / Brett]

Oltu is a project to develop a Java library which provides an API
specification for, and an unconditionally compliant implementation of the
OAuth v2.0 specifications. OAuth is a mechanism that allows users to
authenticate and authorise access by another party to resources they control
while avoiding the need to share their username and password credentials.

MILESTONES

Apache Oltu 1.0 was released on March 3rd 2014.

Apache Oltu Oauth2 module version 1.0.1 was released September 24th 2015.

A vote is currently undergoing in order to release Oauth2 module version 1.0.2

CURRENT ACTIVITY

The core part of the project related to 'The OAuth 2.0 Authorization
Framework' (RFC 6749) is pretty stable due the fact RFC 6749 is now a
standard. A stable version 1.0 was released on March 3rd 2014 and some minor
releases are going out regularly for bug fixing. A vote is currently
undergoing in order to release OAuth2 module version 1.0.2 . At the moment we
are working on JSON Web Encryption support ( OLTU-80 - Implement JWE support
for JWT In Progress ).
Users activity is growing slowly but steadily (the user@ mailing list has got
new messages from new users). We have got quite some feedbacks from users
(included patches). Lately we have been fixing a bunch of users reported
issues
(https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12314420&ver
sion=12334954) hence the new upcoming release.

COMMUNITY

PMC composition has not changed since graduation We have voted one new
committer Jasha Joachimsthal in January 2015  (31/01/2015)

Tommaso Teofili decided to go emeritus.

ISSUES

There are no issues requiring board attention at this time.

17 Feb 2016 [Antonio Sanso / Chris]

DESCRIPTION

Oltu is a project to develop a Java library which provides an API
specification for, and an unconditionally compliant implementation of the
OAuth v2.0 specifications.  OAuth is a mechanism that allows users to
authenticate and authorise access by another party to resources they control
while avoiding the need to share their username and password credentials.

MILESTONES

Apache Oltu 1.0 was released on March 3rd 2014.

Apache Oltu Oauth2 module version 1.0.1 was released September 24th 2015

CURRENT ACTIVITY

The core part of the project related to 'The OAuth 2.0 Authorization
Framework' (RFC 6749) is pretty stable due the fact RFC 6749 is now a
standard.

A stable version 1.0 was released on March 3rd 2014 and some minor releases
are going out regularly for bug fixing. The current intention is to extend the
coverage to the JWE (started in OLTU-80)

- Implement JWE support for JWT In Progress ). We completed the "Handling
 Cryptography" process (http://www.apache.org/dev/crypto.html) in
 OLTU-162 - Handling Cryptography within OLTU Release Resolved .

Users activity is growing slowly but steadily (the user@ mailing list has got
new messages from new users). We got quite some feedbacks from users (included
patches).  The answer from Oltu dev seems to be a bit slow though. The overall
coding activity is also slow. The reason might also be the fact the OAuth
specification is stable for a while (being an RFC) hence also the code is
stable. I have sent an email to dev@ in order to encourage people to engage
more on reported bugs. I will report next time with the outcome.


COMMUNITY

PMC composition has not changed since graduation
We have voted one new committer Jasha Joachimstha in January 2015
(31/01/2015)

ISSUES

There are no issues requiring board attention at this time.

18 Nov 2015 [Antonio Sanso / Rich]

Board Report, Oltu PMC

Oltu PMC Chair: Antonio Sanso (asanso@apache.org<mailto:asanso@apache.org>)
Date: November 2015

DESCRIPTION

Oltu is a project to develop a Java library which provides an API
specification for, and an unconditionally compliant implementation of the
OAuth v2.0 specifications. OAuth is a mechanism that allows users to
authenticate and authorise access by another party to resources they control
while avoiding the need to share their username and password credentials.

MILESTONES

Apache Oltu 1.0 was released on March 3rd 2014.

Apache Oltu Oauth2 module version 1.0.1 was released September 24th 2015

CURRENT ACTIVITY

The core part of the project related to 'The OAuth 2.0 Authorization
Framework' (RFC 6749) is pretty stable due the fact RFC 6749 is now a
standard. A stable version 1.0 was released on March 3rd 2014 and some minor
releases are going out regularly for bug fixing. The current intention is to
extend the coverage to the JWE part and potentially the JWK specification
(https://tools.ietf.org/html/rfc7517). Users activity is growing slowly but
steadily (the user@ mailing list has got new messages from new users). We got
quite some feedbacks from users (included patches). The answer from Oltu dev
seems to be a bit slow though. The overall coding activity is also slow. The
reason might also be the fact the OAuth specification is stable for a while
(being an RFC) hence also the code is stable.

COMMUNITY

PMC composition has not changed since graduation We have voted one new
committer Jasha Joachimstha in January 2015  (31/01/2015)

ISSUES

There are no issues requiring board attention at this time.

16 Sep 2015 [Antonio Sanso / Shane]

DESCRIPTION

Oltu is a project to develop a Java library which provides an API
specification for, and an unconditionally compliant implementation of the
OAuth v2.0 specifications. OAuth is a mechanism that allows users to
authenticate and authorise access by another party to resources they control
while avoiding the need to share their username and password credentials.

MILESTONES

Apache Oltu 1.0 was released on March 3rd 2014.

CURRENT ACTIVITY

The core part of the project related to 'The OAuth 2.0 Authorization
Framework' (RFC 6749) is pretty stable due the fact RFC 6749 is now a
standard.

A stable version 1.0 was released on March 3rd 2014. We plan to make a new
minor release soonish
( [https://issues.apache.org/jira/images/icons/issuetypes/task.png]
OLTU-171<https://issues.apache.org/jira/browse/OLTU-171>
- Release a new version of Oltu Open ). We have extended the coverage for the
IETF JOSE specifications
(that is strictly correlated to OAuth 2) as JWS
(https://tools.ietf.org/html/draft-ietf-jose-json-web-signature-36). The
current intention is to extend the coverage to the JWE part. We got quite some
feedbacks from users (included patches). The answer from Oltu dev seems to be
a bit slow though. The overall coding activity is also slow. The reason might
also be the fact the OAuth specification is stable for a while (being an RFC)
hence also the code is stable.

COMMUNITY

PMC composition has not changed since graduation We have voted one new
committer Jasha Joachimsthal in January 2015  (31/01/2015)

ISSUES

There are no issues requiring board attention at this time.

19 Aug 2015 [Antonio Sanso / Brett]

No report was submitted.

17 Jun 2015 [Antonio Sanso / David]

Oltu is a project to develop a Java library which provides an API
specification for, and an unconditionally compliant implementation of the
OAuth v2.0 specifications. OAuth is a mechanism that allows users to
authenticate and authorise access by another party to resources they control
while avoiding the need to share their username and password credentials.

MILESTONES

Apache Oltu 1.0 was released on March 3rd 2014.

CURRENT ACTIVITY

The core part of the project related to 'The OAuth 2.0 Authorization
Framework' (RFC 6749) is pretty stable due the fact RFC 6749 is now a
standard.

A stable version 1.0 was released on March 3rd 2014. We plan to make a new
minor release soonish ( OLTU-171 - Release a new version of Oltu ( Open) ). We
have extended the coverage for the IETF JOSE specifications (that is strictly
correlated to OAuth 2) as JWS
(https://tools.ietf.org/html/draft-ietf-jose-json-web-signature-36). The
current intention is to extend the coverage to the JWE part. Users activity is
growing slowly but steadily (the user@ mailing list has got new messages from
new users). We got some feedback from some users about our not too clear
documentation. Hence we are planning to improve this area. A presentation
about Apache Oltu was given for JUG Basel : "OAuth Hacks - A gentle
introduction to OAuth 2 and Apache Oltu"
(http://www.jug.ch/html/events/2015/oauth_hacks.html)

COMMUNITY

PMC composition has not changed since graduation We have voted one new
committer Jasha Joachimsthal in January 2015  (31/01/2015)

ISSUES

There are no issues requiring board attention at this time.

20 May 2015 [Antonio Sanso / Sam]

No report was submitted.

@Sam: pursue a report for Oltu for next month

18 Mar 2015 [Antonio Sanso / Jim]

Oltu is a project to develop a Java library which provides an API
specification for, and an unconditionally compliant implementation of the
OAuth v2.0 specifications. OAuth is a mechanism that allows users to
authenticate and authorise access by another party to resources they control
while avoiding the need to share their username and password credentials.

MILESTONES

Apache Oltu 1.0 was released on March 3rd 2014.

CURRENT ACTIVITY

The core part of the project related to 'The OAuth 2.0 Authorization
Framework' (RFC 6749) is pretty stable due the fact RFC 6749 is now a
standard.

A stable version 1.0 was released on March 3rd 2014. We have extended the
coverage for the IETF JOSE specifications (that is strictly correlated to
OAuth 2) as JWS
(https://tools.ietf.org/html/draft-ietf-jose-json-web-signature-36). The
current intention is to extend the coverage to the JWE part. Users activity is
growing slowly but steadily (the user@ mailing list has got new messages from
new users). We got some feedback from some users about our not too clear
documentation.

Hence we are planning to improve this area.

COMMUNITY

PMC composition has not changed since graduation We have voted one new
committer Jasha Joachimstha in January 2015

ISSUES

There are no issues requiring board attention at this time.

18 Feb 2015 [Antonio Sanso / Greg]

No report was submitted.

19 Nov 2014 [Antonio Sanso / Doug]

DESCRIPTION

Oltu is a project to develop a Java library which provides an API
specification for, and an unconditionally compliant implementation of the
OAuth v2.0 specifications. OAuth is a mechanism that allows users to
authenticate and authorise access by another party to resources they control
while avoiding the need to share their username and password credentials.

MILESTONES

Apache Oltu 1.0 was released on March 3rd 2014.

CURRENT ACTIVITY

The core part of the project related to 'The OAuth 2.0 Authorization
Framework' (RFC 6749) is pretty stable due the fact RFC 6749 is now a
standard.

A stable version 1.0 was released on March 3rd 2014. We have extended the
coverage for the IETF JOSE specifications (that is strictly correlated to
OAuth 2) as JWS
(https://tools.ietf.org/html/draft-ietf-jose-json-web-signature-36). The
current intention is to extend the coverage to the JWE part.
Users activity is growing slowly but steadily (the user@ mailing list has got
new messages from new users). We got some feedback from some users about our
not too clear documentation.

Hence we are planning to improve this area.

COMMUNITY

PMC composition has not changed since graduation We have voted one new
committer since graduation (3rd March 2013)

ISSUES

There are no issues requiring board attention at this time.

20 Aug 2014 [Antonio Sanso / Rich]

Oltu is a project to develop a Java library which provides an API
specification for, and an unconditionally compliant implementation of the
OAuth v2.0 specifications. OAuth is a mechanism that allows users to
authenticate and authorise access by another party to resources they control
while avoiding the need to share their username and password credentials.

MILESTONES

Apache Oltu 1.0 was released on March 3rd.

CURRENT ACTIVITY

The core part of the project related to 'The OAuth 2.0 Authorization
Framework' (RFC 6749) is pretty stable due the fact RFC 6749 is now a
standard.

A stable version 1.0 was released on March 3rd. The current focus is on
extending the coverage for the IETF JOSE specifications e.g. JWS, JWE  (that
are strictly correlated to OAuth 2).
Users activity is growing slowly but steadily (the user@ mailing list has got
new messages from new users). We got some feedback from some users about our
not too clear documentation.

Hence we are planning to improve this area.


COMMUNITY

PMC composition has not changed since graduation. We have voted one new
committer since graduation.

ISSUES

There are no issues requiring board attention at this time.

21 May 2014 [Antonio Sanso / Bertrand]

DESCRIPTION

Oltu is a project to develop a Java library which provides an API
specification for, and an unconditionally compliant implementation of the
OAuth v2.0 specifications.
OAuth is a mechanism that allows users to authenticate and authorise access
by another party to resources they control while avoiding the need to share
their username and password credentials.

MILESTONES

Apache Oltu 1.0 was released on March 3rd.

CURRENT ACTIVITY

The core part of the project related to 'The OAuth 2.0 Authorization
Framework' (RFC 6749) is pretty stable due the fact RFC 6749 is now a
standard.

A stable version 1.0 was released on March 3rd. The current focus is on
extending the coverage for the IETF JOSE specifications e.g. JWS, JWE  (that
are strictly correlated to OAuth 2).

Users activity is growing slowly but steadily (the user@ mailing list has got
new messages from new users)

COMMUNITY

PMC composition has not changed since graduation
We have voted one new committer since graduation

ISSUES

There are no issues requiring board attention at this time.

19 Feb 2014 [Antonio Sanso / Jim]

DESCRIPTION

Oltu is a project to develop a Java library which provides an API
specification for, and an unconditionally compliant implementation of the
OAuth v2.0 specifications. OAuth is a mechanism that allows users to
authenticate and authorise access by another party to resources they control
while avoiding the need to share their username and password credentials.

MILESTONES

org.apache.oltu.commons 1.0 and org.apache.oltu.jose 1.0 were released on February 7th.

CURRENT ACTIVITY

The core part of the project related to 'The OAuth 2.0 Authorization
Framework' (RFC 6749) is pretty stable due the fact RFC 6749 is now a
standard.

New parts of the OAuth specification family (JOSE) have been released this
month. Soon we will release a stable version 1.0 of OAuth core.

Users activity is growing slowly but steadily (the user@ mailing list has
got new messages from potential new users)

COMMUNITY

PMC composition has not changed since graduation
We have voted one new committer since graduation

ISSUES

There are no issues requiring board attention at this time.

20 Nov 2013 [Antonio Sanso / Chris]

DESCRIPTION

Oltu is a project to develop a Java library which provides an API
specification for, and an unconditionally compliant implementation of the
OAuth v2.0 specifications. OAuth is a mechanism that allows users to
authenticate and authorise access by another party to resources they control
while avoiding the need to share their username and password credentials.

MILESTONES

Apache Oltu OAuth2 0.31 was released on July 3rd.

CURRENT ACTIVITY

The core part of the project related to 'The OAuth 2.0 Authorization
Framework' (RFC 6749) is pretty stable due the fact RFC 6749 is now a
standard. New parts of the OAuth specification family are currently under
development (JWT, JWS and OpenId Connect)

We got a contribution of the Apache Oltu logo that has now been included in
the website and in the Oltu demo.

Users activity is growing slowly but steadily (the user@ mailing list has
got new messages from potential new users)

COMMUNITY

PMC composition has not changed since graduation
We have voted one new committer since graduation

ISSUES

There are no issues requiring board attention at this time.

21 Aug 2013 [Antonio Sanso / Doug]

DESCRIPTION

Oltu is a project to develop a Java library which provides an API
specification for, and an unconditionally compliant implementation of the
OAuth v2.0 specifications.  OAuth is a mechanism that allows users to
authenticate and authorise access by another party to resources they control
while avoiding the need to share their username and password credentials.

MILESTONES

Apache Oltu OAuth2 0.31 was released on July 3rd.

CURRENT ACTIVITY

The "After graduation tasks" are now completed.  Development activity has
been quite low lately but we have plan to implement OpenId Connect and JWT
specifications.  From the other hand users activity is growing slowly but
steadily (the user@ mailing list has got new messages from potential new
users)

COMMUNITY

PMC composition has not changed since graduation
We have voted one new committer since graduation

ISSUES

There are no issues requiring board attention at this time.

15 May 2013 [Antonio Sanso / Sam]

DESCRIPTION

Oltu is a project to develop a Java library which provides an API
specification for, and an unconditionally compliant implementation of
the OAuth v2.0 specifications.  OAuth is a mechanism that allows users
to authenticate and authorise access by another party to resources
they control while avoiding the need to share their username and
password credentials.

MILESTONES

Oltu graduated from the Apache Incubator on January 16, 2013. Since
then, there have been no new releases.

CURRENT ACTIVITY

The "After graduation tasks" are now completed. We have been following
the instruction as for
http://incubator.apache.org/guides/graduation.html#transfer We tracked
the steps in and https://issues.apache.org/jira/browse/AMBER-76 that
is now resolved The previous INFRA blocker
(https://issues.apache.org/jira/browse/INFRA-5777) about JIRA
migration has been solved.  All the JIRA issues are successfully
migrated.  development activity is healthy we started also to
implement OpenId Connect and JWT specifications, new contributors are
emerging as potential new committers; We have improved our demo webapp
module users activity is almost quiet.

COMMUNITY

PMC composition has not changed since graduation
We have voted one new committer since graduation

ISSUES

There are no issues requiring board attention at this time.

17 Apr 2013 [Antonio Sanso / Greg]

DESCRIPTION

Oltu is a project to develop a Java library which provides an API
specification for, and an unconditionally compliant implementation of the
OAuth v2.0 specifications. OAuth is a mechanism that allows users to
authenticate and authorise access by another party to resources they
control while avoiding the need to share their username and password
credentials.

MILESTONES

Oltu graduated from the Apache Incubator on January 16, 2013. Since
then, there have been no new releases.

CURRENT ACTIVITY

The "After graduation tasks" are about to be completed. We have been
following the instruction as for
http://incubator.apache.org/guides/graduation.html#transfer. We are
tracking our progress in https://issues.apache.org/jira/browse/INFRA-5772
and https://issues.apache.org/jira/browse/AMBER-76; The previous INFRA
blocker (https://issues.apache.org/jira/browse/INFRA-5777) about JIRA
migration has not been resolved. We successfully migrated all our issues
to the new OLTU's JIRA We have also migrated and updated the wiki and the
website development activity is healthy we started also to implement
OpenId Connect and JWT specifications, new contributors are emerging as
potential new committers; users activity is almost quiet.
COMMUNITY

PMC composition has not changed since graduation
ISSUES

There are no issues requiring board attention at this time.

20 Mar 2013 [Antonio Sanso / Ross]

DESCRIPTION

Oltu is a project to develop a Java library which provides an API
specification for, and an unconditionally compliant implementation of
the OAuth v2.0 specifications.  OAuth is a mechanism that allows users
to authenticate and authorise access by another party to resources
they control while avoiding the need to share their username and
password credentials.

MILESTONES

Oltu graduated from the Apache Incubator on January 16, 2013. Since
then, there have been no new releases.

CURRENT ACTIVITY

* the main activity at the moment is related to the "After graduation
tasks". We have been following the instruction as for
[http://incubator.apache.org/guides/graduation.html#transfer].

* We are tracking our progress in
[https://issues.apache.org/jira/browse/INFRA-5772] and
[https://issues.apache.org/jira/browse/AMBER-76];

* development is freezed because of
[https://issues.apache.org/jira/browse/INFRA-5777]; we would rather
continue tracking issues on AMBER as soon as possible in order to
avoid any confusion in our community; As long as we understood rename
of a JIRA project is not possible but it would be nice to have at
least a new JIRA project named OLTU.

* we have been discussing the possible synergy between Apache Oltu and
other Apache projects (e.g. CXF)

* development activity is healthy, new contributors are emerging as
potential new committers;

* users activity is almost quiet.

COMMUNITY

* PMC composition has not changed since graduation.
* We have voted a new committer : Stein Welberg

ISSUES

There are no issues requiring board attention at this time.

20 Feb 2013 [Antonio Sanso / Greg]

DESCRIPTION

Oltu is a project to develop a Java library which provides an API
specification for, and an unconditionally compliant implementation of
the OAuth v2.0 specifications.  OAuth is a mechanism that allows users
to authenticate and authorise access by another party to resources
they control while avoiding the need to share their username and
password credentials.

MILESTONES

Oltu graduated from the Apache Incubator on January 16, 2013. Since then,
there have been no new releases.

CURRENT ACTIVITY

- the main activity at the moment is related to the "After graduation tasks".
 We have been following the instruction as for
 http://incubator.apache.org/guides/graduation.html#transfer.
 We are tracking our progress in
 https://issues.apache.org/jira/browse/INFRA-5772 and
 https://issues.apache.org/jira/browse/AMBER-76;
- development is freezed because of
 https://issues.apache.org/jira/browse/INFRA-5777; we would rather
 continue tracking issues on AMBER as soon as possible in order to
 avoid any confusion in our community;
- we have been discussing to widen a bit the scope of Oltu in order to
 provide Open Id Connect support, some implementation around this has
 already started;
- development activity is healthy, new contributors are emerging as
 potential new committers;
- users activity is almost quiet.

COMMUNITY

- PMC composition has not changed since graduation.
- Committers composition has not changed since graduation.

ISSUES

There are no issues requiring board attention at this time.

16 Jan 2013

Establish the Apache Oltu Project

 WHEREAS, the Board of Directors deems it to be in the best
 interests of the Foundation and consistent with the
 Foundation's purpose to establish a Project Management
 Committee charged with the creation and maintenance of
 open-source software, for distribution at no charge to the
 public, related to the OAuth protocol implementation in Java.

 NOW, THEREFORE, BE IT RESOLVED, that a Project Management
 Committee (PMC), to be known as the "Apache Oltu Project",
 be and hereby is established pursuant to Bylaws of the
 Foundation; and be it further

 RESOLVED, that the Apache Oltu Project be and hereby is
 responsible for the creation and maintenance of software
 related to OAuth protocol implementation in Java; and be it
 further

 RESOLVED, that the office of "Vice President, Apache Oltu" be
 and hereby is created, the person holding such office to
 serve at the direction of the Board of Directors as the chair
 of the Apache Oltu Project, and to have primary responsibility
 for management of the projects within the scope of
 responsibility of the Apache Oltu Project; and be it further

 RESOLVED, that the persons listed immediately below be and
 hereby are appointed to serve as the initial members of the
 Apache Oltu Project:

    * Antonio Sanso             <asanso@apache.org>
    * Lukasz Moren              <lmoren@apache.org>
    * Maciej Pawel Machulak     <mmachulak@apache.org>
    * Raymond Feng              <rfeng@apache.org>
    * Stuart Williams           <pidster@apache.org>
    * Simone Tripodi            <simonetripodi@apache.org>
    * Tommaso Teofili           <tommaso@apache.org>

 NOW, THEREFORE, BE IT FURTHER RESOLVED, that Antonio Sanso
 be appointed to the office of Vice President, Apache Oltu to
 serve in accordance with and subject to the direction of the
 Board of Directors and the Bylaws of the Foundation until
 death, resignation, retirement, removal or disqualification,
 or until a successor is appointed; and be it further

 RESOLVED, that the Apache Oltu Project be and hereby
 is tasked with the migration and rationalization of the Apache
 Incubator Oltu podling; and be it further

 RESOLVED, that all responsibilities pertaining to the Apache
 Incubator Oltu podling encumbered upon the Apache Incubator
 Project are hereafter discharged.

 Special Order 7C, Establish the Apache Oltu Project, was
 approved by Unanimous Vote of the directors present.

21 Nov 2012

Amber has been incubating since July 2010. Amber is a project to develop
a Java library which provides an API specification for, and an unconditionally
compliant implementation of the OAuth v1.0, v1.0a and v2.0 specifications.
OAuth is a mechanism that allows users to authenticate and authorise access
by another party to resources they control while avoiding the need to share
their username and password credentials.

A list of the three most important issues to address in the move towards
graduation

 - Attract users and developers
 - Start to execute the graduation plan

Any issues that the Incubator PMC (IPMC) or ASF Board wish/need to be aware of?

 - No particularly issues at the moment

How has the community developed since the last report?

 New users / devs show up on the mailing lists both contributing patches and
 asking for guidance/release.

How has the project developed since the last report

 After the Amber first release (amber-0.22-incubating) seems that the
 community has taken a little hiatus. Next challenge is to comply against
 the just released RFC 6749 (http://tools.ietf.org/html/rfc6749). Since the
 last report we fixed some issues for aligning with latest OAuth
 specification.

Signed-off-by: wave (as shepherd)
IPMC comments:
 wave: I think that Amber is ready to graduate - the traffic on the ML is
       down but indicates that some might use Amber if it were a TLP. I see
       starts to the process, I think that the mentors just need to give the
       podling some nudges. Some status updates to the mentor lists and
       sign-offs are in order as well.

15 Aug 2012

Amber has been incubating since July 2010. Amber is a project to develop
a Java library which provides an API specification for, and an
unconditionally
compliant implementation of the OAuth v1.0, v1.0a and v2.0 specifications.
OAuth is a mechanism that allows users to authenticate and authorise access
by another party to resources they control while avoiding the need to share
their username and password credentials.

A list of the three most important issues to address in the move towards
graduation

 - Attract users and developers
 - Start to think about a  graduation plan

Any issues that the Incubator PMC (IPMC) or ASF Board wish/need to be aware
of?

 No particularly issues at the moment

How has the community developed since the last report?

 New users / devs show up on the mailing lists both contributing patches
 and asking for guidance/release

 Fraunhofer AISEC decided to donate their UMA implementation based on
 OAuth 2.0
(http://kantarainitiative.org/confluence/display/uma/Fraunhofer+AISEC+Implementation+FAQ)
 to Amber (see AMBER-57). Amber PPMCs are evaluating how to move forward.

How has the project developed since the last report

 - The legal issue that slowed down the project significantly has been
   finally solved, see LEGAL-134
 - Fixed a bunch of issues for aligning with latest OAuth specification
 - amber-0.22-incubating (Amber first release) has been officially approved
   and ready to be used.

Signed-off-by: Raymond Feng (rfeng), mfranklin, jukka
IPMC comments:
mfranklin: Everything looks good with community & project. Status page needs
           to be updated and all items signed off before graduation.
    jukka: Congratulations on the release and especially on successfully
           navigating through the legal issue!

16 May 2012

Amber has been incubating since July 2010. Amber is a project to develop
a Java library which provides an API specification for, and an unconditionally
compliant implementation of the OAuth v1.0, v1.0a and v2.0 specifications.
OAuth is a mechanism that allows users to authenticate and authorise access
by another party to resources they control while avoiding the need to share
their username and password credentials.

A list of the three most important issues to address in the move towards
graduation

 - Clarify status of code grant
 - Attract users and developers
 - Generate a release

Any issues that the Incubator PMC (IPMC) or ASF Board wish/need to be aware of?

 - We need copyright signoff from University of Newcastle or some guidance
   on how to proceed.

How has the community developed since the last report?

 - Raymond Feng joined in as a mentor
 - New users / devs show up on the mailing lists both contributing patches
   and asking for guidance/release

How has the project developed since the last report

 - an attempt to clarify the legal issue is on going see LEGAL-134
 - Fixed a bunch of issues for aligning with latest OAuth specification

Signed off by mentor: rfeng

15 Feb 2012

Amber has been incubating since July 2010. Amber is a project to develop
a Java library which provides an API specification for, and an
unconditionally compliant implementation of the OAuth v1.0, v1.0a and v2.0
specifications.  OAuth is a mechanism that allows users to authenticate and
authorise access by another party to resources they control while avoiding the
need to share their username and password credentials.

A list of the three most important issues to address in the move towards
graduation

 - Clarify status of code grant
 - Attract users and developers
 - Generate a release

Any issues that the Incubator PMC (IPMC) or ASF Board wish/need to be aware
of?

 - We need copyright signoff from University of Newcastle

How has the community developed since the last report?

 - Antonion Sanso joined in as a new committer and PPMC member
 - Raymond Feng has expressed his availability to join as a mentor
 - Simone Tripodi, Amber 'father' joined back (he'd gone emeritus before)

How has the project developed since the last report?

 - Fixed a bunch of issues for aligning with latest OAuth specification
 - Updated and improved Amber website also to face T requirements

Signed off by mentor:

21 Dec 2011

DID NOT REPORT

16 Nov 2011

DID NOT REPORT

17 Aug 2011

Amber has been incubating since July 2010. Amber is a project to develop a
Java library which provides an API specification for, and an unconditionally
compliant implementation of the OAuth v1.0, v1.0a and v2.0 specifications.
OAuth is a mechanism that allows users to authenticate and authorise access
by another party to resources they control while avoiding the need to share
their username and password credentials.

The most important issues that must be addressed before graduation are:

- Clarify status of code grant
- Attract users and developers
- Generate a release

The Incubator PMC / ASF Board should be aware that:

- Community activity is relatively low

How has the community developed since the last report

- Some users have started asking for help or getting started guides on the
mailing list

How has the project developed since the last report

- Work has begun on updating the OAuth implementation
- Discussion about preparing for an initial release is ongoing

19 May 2011

Amber has been incubating since July 2010. Amber is a project to develop a
Java library which provides an API specification for, and an unconditionally
compliant implementation of the OAuth v1.0, v1.0a and v2.0 specifications.
OAuth is a mechanism that allows users to authenticate and authorise access
by another party to resources they control while avoiding the need to share
their username and password credentials.

The most important issues that must be addressed before graduation are:

 - Attract users and developers
 - Generate a release

The Incubator PMC / ASF Board should be aware that:

 - Community activity is relatively low

How has the community developed since the last report

 - Some users have started asking for help or getting started guides on the
mailing list

How has the project developed since the last report

 - Fixed some bugs
 - Removed LGPL licensed files from website

16 Feb 2011

Amber has been incubating since July 2010. Amber is a project to
develop a Java library which provides an API specification for, and an
unconditionally compliant implementation of the OAuth v1.0, v1.0a and
v2.0 specifications. OAuth is a mechanism that allows users to
authenticate and authorise access by another party to resources they
control while avoiding the need to share their username and password
credentials.

The most important issues that must be addressed before graduation are:

* Attract users and developers
* Generate a release

The Incubator PMC / ASF Board should be aware that:

* Community activity is relatively low

How has the community developed since the last report

* Two new committers have joined the project, after contributing some code

How has the project developed since the last report

* An OAuth 2.0 implementation called Leeloo has been contributed to the project
* OAuth 1.0 code previously contributed, has been integrated with the project

17 Nov 2010

Amber is a project to develop a Java library which provides an API
specification for, and an unconditionally compliant implementation of the
OAuth v1.0, v1.0a and v2.0 specifications. OAuth is a mechanism that allows
users to authenticate and authorise access by another party to resources
they control while avoiding the need to share their username and password
credentials.

The most important issues that must be addressed before graduation are:

 * attract new users and developers
 * making a release

The Incubator PMC / ASF Board should be aware that:

 * community activity is very low and committers/mentors have been quite
dormant lately

How has the community developed since the last report

 * No change

How has the project developed since the last report

 * A couple of issues on spec-api have been fixed.
 * Site has been prepared and is being published.
 * Amber has been presented at latest Apache Retreat in UK, a couple of
people talked about possibly contributing OAuth v2.0 implementation.
 * Work being done on signature-api to fix RSA algorithm.

18 Aug 2010

Amber is a project to develop a Java library which provides an API
specification for, and an unconditionally compliant implementation of
the OAuth v1.0, v1.0a and v2.0 specifications. OAuth is a mechanism
that allows users to authenticate and authorize access by another
party to resources they control while avoiding the need to share their
username and password credentials.

The most important issues that must be addressed before graduation are:

 * attract new users and developers
 * making a release

The Incubator PMC / ASF Board should be aware that:

 * Involved people have been very busy due to personal/business issues in
the last month.

Latest activity:

 * apply the API definition choices approved by the community.
 * started implementing the Signing algorithms.

Next steps:

 * finalize the API definition.
 * implementation of different specification versions (client and server).

Community:

 * The community is in the first stages of formation and solely
consists of the developers, though a few users start to appear on the
mailing lists.

21 Jul 2010

Amber is a project to develop a Java library which provides an API
specification for, and an unconditionally compliant implementation of the
OAuth v1.0, v1.0a and v2.0 specifications. OAuth is a mechanism that allows
users to authenticate and authorize access by another party to resources
they control while avoiding the need to share their username and password
credentials.

The most important issues that must be addressed before graduation are:

 * attract new users and developers
 * making a release

Latest activity:

 * The initial developers are discussing about API definition, modules'
design and build process.
 * Code from Amber lab and Pid's OAuth contribution has been committed.
 * A short talk has been given about OAuth and Amber at the London Java
Community Unconference.

Next steps:

 * apply the API definition choices approved by the community
 * implementation of different specification versions (client and server)

Community:

 * The community is in the first stages of formation and solely consists of
the developers, though a few users start to appear on the mailing lists.

16 Jun 2010

Amber is a project to develop a Java library which provides an API
specification for, and an unconditionally compliant implementation of the
OAuth v1.0, v1.0a and v2.0 specifications. OAuth is a mechanism that allows
users to authenticate and authorise access by another party to resources
they control while avoiding the need to share their username and password
credentials.

The Incubator PMC / ASF Board should be aware that:

The community is in the first stages of formation and solely consists of the
developers.

The project has begun with the contribution of code from the initial
developers.