Spring officially announced the launch of a new project called Spring Authorization Server. The project is a community-driven project led by Spring Security to provide authorization server support to the Spring community.
About ten years ago, Spring officially launched a community-driven open source project, Spring Security OAuth. Through the unremitting efforts of the community, the project has become a benchmark project, which fully proves that community-driven work can be done well.
However, because Spring Security OAuth has not been able to adapt to the development of OAuth protocol, many supporting facilities have been outdated, and can not provide a unified OAuth library coordinated with Spring products.
Obviously, rewriting OAuth support for Spring Security is a daunting task. The Spring team decided to split the work into client, resource server, and authorization server. The number of third-party authorization servers to choose from has increased dramatically. The Spring team does not see creating authorization servers as a common requirement, nor do they see it as appropriate to provide authorization support within a framework without library support. After careful consideration, the Spring Security team indicated in the Spring Security OAuth roadmap that creating authorization servers is no longer supported.
When this news was released, there was a strong community response that the Spring ecosystem needed support for licensing servers. So the Spring Authorization Server project is on the agenda. This is a good thing for Java developers, not only to fill the gap in the Spring ecosystem that will soon be short of licensing servers, but also to participate in the project in an unofficial capacity.
The project is currently in the works, and the Spring team welcomes contributors. Hopefully it will be as successful as Spring Security OAuth.
Follow our public id: Felordcn for more information
Personal blog: https://felord.cn