Adopted by the Community over many months beginning April 2023 and continuing until May 2024 See listserv discussions.
https://lists.apache.org/thread/m46dnqwn8lcy9ohhgd5j03yjjsjpq3ny
Clarifications but no objections raised to the need, and progress was undertaken incrementally.
This led to the recognition of the need for a more formal SIP acceptance process.
This SIP is the reason we adopted a more formal process of DISCUSS, VOTE, and TRACK.
GOALS
- separate the current security infrastructure as much as possible from Fineract’s core; i. e. make it a custom module
- create the OAuth Client aka Keycloak module as a drop-in replacement for the current security mechanics
- delegate everything authentication/authorization related to 3rd party libs/frameworks/products/services
- re-use 3rd party libs/frameworks/products/services user interfaces and remove corresponding views (e. g. user management) from Fineract web app
- as minimal refactoring as possible in the short/mid term
- keep backwards compatibility for a couple of major releases
- provide good documentation and/or automated tools for migration
Non-Goals
- Fineract as a standalone identity server
More details here in Jira ticket 1908.