OWB enable to do it - we did it in geronimo impl to pass tck of jwt auth spec.
Le mer. 26 sept. 2018 03:28, Roberto Cortez <radcor...@yahoo.com.invalid> a écrit : > Hi, > > I’ve done some work to push our MP JWT implementation from 1.0 to 1.1. > > You can check it here: > https://github.com/apache/tomee/pull/173 < > https://github.com/apache/tomee/pull/173> > > There are still a couple of tests in the TCK that I have to fix and a few > things that I would like to improve, but I think the majority of the work > is done. > > Some time ago, there was a discussion in the list about how to integrate > MP JWT with EE security: > > http://tomee-openejb.979440.n4.nabble.com/Implementing-Microprofile-JWT-td4683212i40.html > < > http://tomee-openejb.979440.n4.nabble.com/Implementing-Microprofile-JWT-td4683212i40.html > > > > I believe we need to revisit that conversation and figure out how to move > forward. > > Right now for instance, we don’t support injecting a JWT Principal since > it clashes with the predefined by CDI. Most likely, we would need to plugin > the JWT Principal lookup in TomcatSecurityService. I’m not sure if we want > to do it in that way, or if we want to think in something else. > > Cheers, > Roberto