From oauth-webapp

The AUTOCOMPLETE attribute is not disabled on an HTML FORM/INPUT element containing password type input. Password may be stored in browsers and retrieved.

Browsers will sometimes ask a user if they wish to remember the password that they just entered. The browser will then store the password, and automatically enter it whenever the same authentication form is visited. This is a convenience for the user. Additionally, some websites will offer custom “remember me” functionality to allow users to persist log ins on a specific client system.
Having the browser store passwords is not only a convenience for end users, but also for an attacker. If an attacker can gain access to the victim's browser (e.g. through a Cross Site Scripting attack, or through a shared computer), then that can retrieve the stored passwords. It is not uncommon for browsers to store these passwords in an easily retrievable manner, but even if the browser were to store the passwords encrypted and only retrievable through the use of a master password, an attacker could retrieve the password by visiting the target web application's authentication form, entering the victim's username, and letting the browser to enter the password.

To prevent browsers from storing credentials entered into HTML forms, include the attribute autocomplete="off" within the FORM tag (to protect all form fields) or within the relevant INPUT tags (to protect specific individual fields).
Please note that modern web browsers may ignore this directive. In spite of this there is a chance that not disabling autocomplete may cause problems obtaining PCI compliance.

A few places in Lyo have a declarative provider declaration: https://github.com/search?q=org%3Aeclipse+applicationConfigLocation&type=Code

This is a Wink-specific feature: https://wink.apache.org/documentation/1.1.1/html/5.1%20Registration%20and%20Configuration.html

Repositories in webapp's pom.xml (https://github.com/eclipse/lyo.server/blob/master/oauth-webapp/pom.xml)
http://oauth.googlecode.com/svn/code/maven

When I try it, there's nothing at the address.

404. That’s an error.

The requested URL /svn/code/maven was not found on this server. That’s all we know.

So I'm trying to figure out, is this just a temporary issue? If not, then what's a suitable replacement for this? Is that the same as this? https://mvnrepository.com/artifact/net.oauth.core/oauth

Hello Experts,
Does Eclipse Lyo support OAuth 2.0, read some where latest version support OAuth 2.0.
If it doesn't, which libraries do you suggest to use with Eclipse Lyo OSLC for OAuth 2.0 implementation?

Thanks,
Goutham

https://travis-ci.org/eclipse/lyo.server/jobs/487235455