Board Report, Oltu PMC

Oltu PMC Chair: Antonio Sanso (
Date: February 2016


Oltu is a project to develop a Java library which provides an API specification for, and an unconditionally compliant implementation of the OAuth v2.0 specifications.
OAuth is a mechanism that allows users to authenticate and authorise access by another party to resources they control while avoiding the need to share their username and password credentials.


Apache Oltu 1.0 was released on March 3rd 2014.

Apache Oltu Oauth2 module version 1.0.1 was released September 24th 2015


The core part of the project related to 'The OAuth 2.0 Authorization Framework' (RFC 6749) is pretty stable due the fact RFC 6749 is now a standard.
A stable version 1.0 was released on March 3rd 2014 and some minor releases are going out regularly for bug fixing. The current intention is to extend the coverage to the JWE (started in OLTU-80 - Getting issue details... STATUS ). We completed the "Handling Cryptography" process ( in OLTU-162 - Getting issue details... STATUS . 
Users activity is growing slowly but steadily (the user@ mailing list has got new messages from new users). We got quite some feedbacks from users (included patches). The answer from Oltu dev seems to be a bit slow though. The overall coding activity is also slow. The reason might also be the fact the OAuth specification is stable for a while (being an RFC) hence also the code is stable. I have sent an email to dev@ in order to encourage people to engage more on reported bugs. I will report next time with the outcome.


PMC composition has not changed since graduation
We have voted one new committer Jasha Joachimstha in January 2015  (31/01/2015)


There are no issues requiring board attention at this time.






  • No labels