The JBoss Community is planning to participate in Google Summer of Code in 2024.
All contributors & developers are welcome to participate in the https://summerofcode.withgoogle.com/ program with the JBoss Community.
If you are a contributor looking forward to participating in the GSoC 2024 with the JBoss Community:
- Feel free to browse the growing idea list below.
- Please don't hesitate to contact the mentor(s) indicated in the proposal for any related clarification and to discuss proposals.
- You can have a look at ideas list of previous years for inspiration.
- Please see our contributor guide.
- You may find a sample GSoC proposal document here which was for this idea.
Contributors: Please read the list above and also read our contributor guide.
A note to mentors
MENTORS: Red Hat employees can change this page directly to add ideas. Please be extra careful to not get other mentor's edits discarded.
Red Hatters should have linked their jboss.org account with Red Hat and can be checked on https://sso.jboss.org/login
Non-Red Hatters can add a comment to the page and admins will make sure the idea is added to the page.
Table of Contents
- Table of Contents
- Administrators and Mentors
- Communication channels
- Idea template (for mentors)
- Idea Proposals
Administrators and Mentors
We will list the potential mentors in this place. For now, if you have any questions, please contact the GSoC administrators:
George Zaronikas (gzaronikas) and Sokratis Zappis (szappis AT redhat DOT com)
Communication channels
Gitter : JBossOutreach/GSoC - Gitter
Please take note - These channels are about generic doubts. For project-specific doubts you will need to contact project mentors and channels specified in the project description.
Idea template (for mentors)
Project title
Summary of idea:
-Idea
-Feature A
-Feature B
Knowledge prerequisite: Languages/Technologies goes here
Github repo:
Project size: medium (~175 hours) or large (~350 hours)
Skill level: Beginner/Intermediate/Advanced
Contact(s) / potential mentors(s): Mentor(s) name and contact details
Associated JBoss community project(s):
Idea Proposals
WildFly Elytron - Add support for Online Certificate Status Protocol (OCSP) stapling to WildFly Elytron, for use in the WildFly application server
Summary of idea:
If you want to learn about security, this is your chance to develop a new security feature for the WildFly Application Server! As a bonus, you'll get to work with a diverse team.
The WildFly Elytron project is a security framework for Java clients and application servers. WildFly is an open source application server. Elytron is used by the WildFly application server to secure applications that are deployed to the server and to secure management access to the server. Banks, retail stores, and governments are just some examples of end-users of the enterprise version of the WildFly application server.
The TLS protocol allows communication between a client and a server to be encrypted. WildFly Elytron allows users to configure policy information related to TLS. Currently, this includes things like key managers, trust managers, cipher suites, and protocols (see https://github.com/wildfly-security/wildfly-elytron/tree/1.x/ssl/src/main/java/org/wildfly/security/ssl).
The purpose of this project is to work on new OCSP feature for the WildFly server. In particular, the goal of this project is to add support for Online Certificate Status Protocol (OCSP) stapling to WildFly Elytron, for use in the WildFly application server.
OCSP stapling is a standard that’s used to check the revocation status of an X.509 certificate. In particular, when presenting its certificate during a TLS handshake, the server first sends an OCSP request to an OCSP responder and the returned response is “stapled” to the server’s certificate chain. Because the server is the one contacting the OCSP responder instead of the client, the advantage is that the server bears the resource cost and the OCSP response it receives can be cached and used multiple times for different clients.
Possible tasks for this project:
- Create a document that describes how you plan to approach the problem.
- Implement the ability for a WildFly server to use OCSP stapling when presenting its certificate. This will involve adding functionality to both the WildFly Elytron project as well as the WildFly Core project, where Elytron is actually integrated with the WildFly application server.
- Implement appropriate test cases.
- Write documentation.
- Create a blog post that gives an overview of your project.
The WildFly Elytron team is a diverse, distributed team that has a lot of experience working with interns and junior engineers.
Knowledge pre-requisites:
- Experience with Java
- Git
- Maven
GitHub repo: https://github.com/wildfly-security/wildfly-elytron
Other useful links:
Project size: Medium (~175 hours)
Skill level: Intermediate
Project chat: https://wildfly.zulipchat.com/#narrow/stream/173102-wildfly-elytron
Contact(s) / potential mentors(s): Farah Juma <fjuma@redhat.com> and Diana Krepinska <dvilkola@redhat.com>
Associated JBoss community project(s): Elytron, WildFly