Please, go ahead. Let me know if need anything. Thanks!
> On 16 Oct 2018, at 21:53, Jonathan Gallimore <jonathan.gallim...@gmail.com>
> wrote:
>
> Any objection if I pick this up and have a go at the last tests, or is
> someone already working on this?
>
> On Thu, Sep 27, 2018 at 5:44 PM Romain Manni-Bucau <rmannibu...@gmail.com>
> wrote:
>
>> Yep this feature. Then it must works since we support user principal if the
>> jwt filter is corretly placed in the filter chain and we must inherit from
>> the request principal.
>>
>> Le jeu. 27 sept. 2018 18:37, Roberto Cortez <radcor...@yahoo.com.invalid>
>> a
>> écrit :
>>
>>> I guess you are referring to this, to remove the proxy?
>>>
>>>
>> https://github.com/apache/openwebbeans/commit/a21a949fb19247dcc39ee89292a1554b2cf1388e
>>> <
>>>
>> https://github.com/apache/openwebbeans/commit/a21a949fb19247dcc39ee89292a1554b2cf1388e
>>>>
>>>
>>> Yes, this one step.
>>>
>>> By default, we do inject the generic Principal of Tomcat. We probably
>> need
>>> to check first about the existence of a JWT Principal and then fallback
>> to
>>> the Tomcat one. I think I know how to do it, I was just trying to broaden
>>> up the conversation about general integration with EE security.
>>>
>>> Cheers,
>>> Roberto
>>>
>>>> On 26 Sep 2018, at 07:21, Romain Manni-Bucau <rmannibu...@gmail.com>
>>> wrote:
>>>>
>>>> OWB enable to do it - we did it in geronimo impl to pass tck of jwt
>> auth
>>>> spec.
>>>>
>>>> Le mer. 26 sept. 2018 03:28, Roberto Cortez
>> <radcor...@yahoo.com.invalid>
>>> a
>>>> écrit :
>>>>
>>>>> Hi,
>>>>>
>>>>> I’ve done some work to push our MP JWT implementation from 1.0 to 1.1.
>>>>>
>>>>> You can check it here:
>>>>> https://github.com/apache/tomee/pull/173 <
>>>>> https://github.com/apache/tomee/pull/173>
>>>>>
>>>>> There are still a couple of tests in the TCK that I have to fix and a
>>> few
>>>>> things that I would like to improve, but I think the majority of the
>>> work
>>>>> is done.
>>>>>
>>>>> Some time ago, there was a discussion in the list about how to
>> integrate
>>>>> MP JWT with EE security:
>>>>>
>>>>>
>>>
>> http://tomee-openejb.979440.n4.nabble.com/Implementing-Microprofile-JWT-td4683212i40.html
>>>>> <
>>>>>
>>>
>> http://tomee-openejb.979440.n4.nabble.com/Implementing-Microprofile-JWT-td4683212i40.html
>>>>>>
>>>>>
>>>>> I believe we need to revisit that conversation and figure out how to
>>> move
>>>>> forward.
>>>>>
>>>>> Right now for instance, we don’t support injecting a JWT Principal
>> since
>>>>> it clashes with the predefined by CDI. Most likely, we would need to
>>> plugin
>>>>> the JWT Principal lookup in TomcatSecurityService. I’m not sure if we
>>> want
>>>>> to do it in that way, or if we want to think in something else.
>>>>>
>>>>> Cheers,
>>>>> Roberto
>>>
>>>
>>
