OWB enable to do it - we did it in geronimo impl to pass tck of jwt auth
spec.

Le mer. 26 sept. 2018 03:28, Roberto Cortez <radcor...@yahoo.com.invalid> a
écrit :

> Hi,
>
> I’ve done some work to push our MP JWT implementation from 1.0 to 1.1.
>
> You can check it here:
> https://github.com/apache/tomee/pull/173 <
> https://github.com/apache/tomee/pull/173>
>
> There are still a couple of tests in the TCK that I have to fix and a few
> things that I would like to improve, but I think the majority of the work
> is done.
>
> Some time ago, there was a discussion in the list about how to integrate
> MP JWT with EE security:
>
> http://tomee-openejb.979440.n4.nabble.com/Implementing-Microprofile-JWT-td4683212i40.html
> <
> http://tomee-openejb.979440.n4.nabble.com/Implementing-Microprofile-JWT-td4683212i40.html
> >
>
> I believe we need to revisit that conversation and figure out how to move
> forward.
>
> Right now for instance, we don’t support injecting a JWT Principal since
> it clashes with the predefined by CDI. Most likely, we would need to plugin
> the JWT Principal lookup in TomcatSecurityService. I’m not sure if we want
> to do it in that way, or if we want to think in something else.
>
> Cheers,
> Roberto

Reply via email to