Hi Matthew, it is an impl of https://github.com/eclipse/microprofile-jwt-auth
Normally with a JWT you can drop these things as well - can need some wrapper to handle the representation in a less raw way but nothing crazy. Romain Manni-Bucau @rmannibucau <https://twitter.com/rmannibucau> | Blog <https://rmannibucau.metawerx.net/> | Old Blog <http://rmannibucau.wordpress.com> | Github <https://github.com/rmannibucau> | LinkedIn <https://www.linkedin.com/in/rmannibucau> | Book <https://www.packtpub.com/application-development/java-ee-8-high-performance> 2018-03-28 10:10 GMT+02:00 Matthew Broadhead <[email protected] >: > is this about JSON web tokens or some other JWT? > is this JWT library similar to something like the keycloak tomcat adapter? > http://www.keycloak.org/docs/2.5/securing_apps/topics/oidc/j > ava/tomcat-adapter.html > if so is there a specification on this and do different IDPs handle this > differently. i.e. if TomEE had a JWT adapter would it no longer need the > keycloak adapter? > for instance the keycloak includes structures like UserRepresentation, > RoleRepresentation, CredentialRepresentation. would this be handled in a > new JWT lib? > > > On 28/03/2018 07:13, Romain Manni-Bucau wrote: > >> Roberto PR *is* merged JL. >> He did the work to be able to consume any CDI "container" lib. >> >> So I'd just extract the code as we discussed together in G before that >> mess >> and move forward to keep TCK and add the lib in the MP distro Roberto >> created to fit that design. >> >> As soon as you imported the lib in G, I will make sure to help to make it >> releasable. >> >> As the ee concurrency utilities dev I can guarantee you it is wrong to put >> it in TomEE :( - mea culpa here. >> >> I can understand the "i cant commit" but you can PR and several of these >> objections are coming from people willing RTC which leads to the same >> blocking state so not sure I get the rational to break projects here and >> make them messy which would deserve asf IMHO. >> >> Le 27 mars 2018 23:37, "Jonathan Gallimore" <[email protected] >> > >> a écrit : >> >> If it can sit in its own repository, and that improves re-usability, that >>> sounds like a good thing to me. I'd be happy with that under the TomEE >>> TLP. >>> I am sure some folks will prefer to see it under Geronimo. I am a TomEE >>> committer, I am not yet a Geronimo committer (maybe someday....) so I >>> would >>> lean towards TomEE. Wherever it sits, it needs to be possible to work on >>> it >>> without being blocked. >>> >>> Jon >>> >>> On Tue, Mar 27, 2018 at 10:27 PM, Jean-Louis Monteiro < >>> [email protected]> wrote: >>> >>> What about this vote David? >>>> >>>> Roberto's PR for MP-Config integration and mine about MP-JWT are still >>>> >>> not >>> >>>> merged. >>>> Most of the JWT code is server independent and therefor could be >>>> >>> extracted >>> >>>> into a separate library. >>>> >>>> So where the code sits is definitely a question we need to address. >>>> I don't believe the current TomEE repo is a good home. >>>> >>>> TomEE as the Apache TLP can on the other hand become an home. >>>> We only need another another repo where we could put some reusable code. >>>> >>>> There are a couple of utility classes in TomEE that could also become a >>>> reusable library. >>>> I have prepared and pushed the 2 PRs for Chatterbox and Sheldon >>>> donation. >>>> >>>> So I would probably propose to create a dedicated git repo where we >>>> could >>>> put all the reusable parts. >>>> One benefit I see is that we could make the TomEE codebase a bit >>>> lighter. >>>> >>>> What do you guys think? >>>> >>>> >>>> >>>> -- >>>> Jean-Louis Monteiro >>>> http://twitter.com/jlouismonteiro >>>> http://www.tomitribe.com >>>> >>>> On Thu, Mar 22, 2018 at 10:47 AM, Matthew Broadhead < >>>> [email protected]> wrote: >>>> >>>> does this mean a reusable JWT library external to TomEE, or within the >>>>> TomEE project? >>>>> i have to agree with previous statements i read that TomEE is a bundle >>>>> >>>> of >>> >>>> libraries and not really the place to locate reusable pluggable >>>>> >>>> projects. >>> >>>> it is more like the place where you might plug a project in once it is >>>>> working >>>>> >>>>> >>>>> On 19/03/2018 11:39, Jonathan Gallimore wrote: >>>>> >>>>> What's the other vote ("Geronimo one")? >>>>>> >>>>>> Jon >>>>>> >>>>>> On Mon, Mar 19, 2018 at 6:33 AM, Romain Manni-Bucau < >>>>>> [email protected]> >>>>>> wrote: >>>>>> >>>>>> Hey David, >>>>>> >>>>>>> How does this vote relates to the geronimo one you launched? >>>>>>> >>>>>>> Are they purely concurrent or can they be conditional one for the >>>>>>> >>>>>> other? >>>> >>>>> >>>>>>> Le 19 mars 2018 01:03, "David Blevins" <[email protected]> a >>>>>>> écrit : >>>>>>> >>>>>>> The vote for merging PR 123 does not address community will on what >>>>>>> >>>>>> to >>> >>>> do >>>> >>>>> with the code beyond merging it. One can realistically vote +1 to >>>>>>>> >>>>>>> merge >>>> >>>>> the code, but then desire to see the code cleaned up and moved >>>>>>>> elsewhere. >>>>>>>> One can realistically desire seeing an attempt to clean up the code >>>>>>>> >>>>>>> to >>> >>>> find >>>>>>> >>>>>>> what is reusable and may wish to withhold a final decision until we >>>>>>>> >>>>>>> see >>>> >>>>> how >>>>>>> >>>>>>> fruitful such a module would be. >>>>>>>> >>>>>>>> Out of respect for people who may not know exactly how they feel >>>>>>>> >>>>>>> (TomEE >>>> >>>>> or >>>>>>> >>>>>>> Geronimo), this is a vote for the latter. >>>>>>>> >>>>>>>> Vote: Should we attempt to extract code from the JWT PR to see what >>>>>>>> >>>>>>> is >>> >>>> reusable and how successful such a jar would be? >>>>>>>> >>>>>>>> +1 Let's give it a shot here >>>>>>>> +-0 >>>>>>>> -1 Let's do this elsewhere >>>>>>>> >>>>>>>> If the vote is +1 to attempt an extraction of reusable code here, >>>>>>>> >>>>>>> final >>>> >>>>> conclusion of if that extraction is worth it or where it should live >>>>>>>> >>>>>>> is >>>> >>>>> not >>>>>>> >>>>>>> being voted on. People are welcome to decide differently based on >>>>>>>> >>>>>>> the >>> >>>> results of the exercise. >>>>>>>> >>>>>>>> >>>>>>>> -David >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >
