No, I do not think any of the products have a JWT authenticator. +1 for
having this in DSS, AS and ESB. Here are my suggestions to improve this.

#1. Have signature validation enabled. We cannot trust a JWT assertion
until we validate the signature.
#2. Have a Config UI to:
           a. Upload the certificate/s for signature validation.
           b. Enable/Disable JWT Authentication for services.

Here, #2 is a must to get this working in multi-tenant mode.



On Fri, Apr 11, 2014 at 8:38 AM, Anjana Fernando <anj...@wso2.com> wrote:

> @Sumedha, do we have any similar functionality at the moment with any APIM
> integration efforts to other products? ..
>
> Cheers,
> Anjana.
>
>
> On Fri, Apr 11, 2014 at 1:45 AM, Shani Ranasinghe <sh...@wso2.com> wrote:
>
>> Hi,
>>
>> Please use this file for your reference and ignore the previous. Sorry
>> for the inconvenience.
>>
>>
>> On Thu, Apr 10, 2014 at 1:12 PM, Shani Ranasinghe <sh...@wso2.com> wrote:
>>
>>> Hi,
>>>
>>> Please find an axis2 handler I have written for DSS, which is capable of
>>> extracting the JWT token and performing operations based on it. DSS
>>> currently does not have inbuilt support to handle JWT tokens. For now, I
>>> have only done this for user name extraction. I have a method which
>>> extracts the user name from the JWT token and adds it to the message
>>> context.
>>>
>>> The reason for this is to enable security, with user name token, and in
>>> a case that we send a JWT token and expect underlying services from APIM
>>> onwards to be trusted, we need to make use of this JWT token and carry on
>>> the rest of the operations.
>>>
>>> The reason for the inception of this process is that I needed a way to
>>> extract the JWT user name and use it for DSS security and thereby use the
>>> content filtering capability of DSS.
>>>
>>> I have attached the axis2 handler, and as per Anjana's suggestion, could
>>> we add this to the platform and have this commented by default in axis2.xml?
>>>
>>> Please let me know if there are any improvement points that I could use
>>> for this piece of code.
>>>
>>> --
>>> Thanks and Regards
>>> *, Shani Ranasinghe*
>>> Software Engineer
>>> WSO2 Inc.; http://wso2.com
>>> lean.enterprise.middleware
>>>
>>> mobile: +94 77 2273555
>>> linked in: lk.linkedin.com/pub/shani-ranasinghe/34/111/ab
>>>
>>
>>
>>
>> --
>> Thanks and Regards
>> *,Shani Ranasinghe*
>> Software Engineer
>> WSO2 Inc.; http://wso2.com
>> lean.enterprise.middleware
>>
>> mobile: +94 77 2273555
>> linked in: lk.linkedin.com/pub/shani-ranasinghe/34/111/ab
>>
>
>
>
> --
> *Anjana Fernando*
> Technical Lead
> WSO2 Inc. | http://wso2.com
> lean . enterprise . middleware
>
> _______________________________________________
> Dev mailing list
> Dev@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>
>


-- 
Suresh Attanayake
Senior Software Engineer; WSO2 Inc. http://wso2.com/
Blog : http://sureshatt.blogspot.com/
Web : http://www.ssoarcade.com/
Facebook : https://www.facebook.com/IdentityWorld
Twitter : https://twitter.com/sureshatt
LinkedIn : http://lk.linkedin.com/in/sureshatt
Mobile : +94755012060
Mobile : +016166171172
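
Added example, not part of the original thread or the attached handler: a JDK-only Java sketch of suggestion #1, verifying an RS256 signature against a trusted public key before the user name claim is read. The class name, the `enduser` claim, the choice of RS256 and the generated key pair are assumptions constructed for illustration.

```java
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.util.Base64;
import java.util.regex.*;

public class JwtVerifyThenExtract {
    static final Base64.Decoder DEC = Base64.getUrlDecoder();
    static String b64(byte[] b) { return Base64.getUrlEncoder().withoutPadding().encodeToString(b); }

    // Returns the claim only after the RS256 signature verifies against the trusted key.
    static String verifiedClaim(String jwt, PublicKey trusted, String claim) throws GeneralSecurityException {
        String[] p = jwt.split("\\.", -1);
        if (p.length != 3) throw new SignatureException("not a signed JWT");
        String header = new String(DEC.decode(p[0]), StandardCharsets.UTF_8);
        // Pin the algorithm; never let the token choose "none" or another scheme.
        if (!Pattern.compile("\"alg\"\\s*:\\s*\"RS256\"").matcher(header).find())
            throw new SignatureException("unexpected alg");
        Signature s = Signature.getInstance("SHA256withRSA");
        s.initVerify(trusted);
        s.update((p[0] + "." + p[1]).getBytes(StandardCharsets.US_ASCII));
        if (!s.verify(DEC.decode(p[2]))) throw new SignatureException("bad signature");
        // Only now is the payload read. Regex keeps this JDK-only; a real handler would use a JSON parser.
        String body = new String(DEC.decode(p[1]), StandardCharsets.UTF_8);
        Matcher m = Pattern.compile("\"" + Pattern.quote(claim) + "\"\\s*:\\s*\"([^\"]*)\"").matcher(body);
        if (!m.find()) throw new SignatureException("claim missing");
        return m.group(1);
    }

    // Helper for the demo: builds a compact RS256 token from constructed JSON.
    static String sign(String header, String payload, PrivateKey key) throws GeneralSecurityException {
        String input = b64(header.getBytes(StandardCharsets.UTF_8)) + "." + b64(payload.getBytes(StandardCharsets.UTF_8));
        Signature s = Signature.getInstance("SHA256withRSA");
        s.initSign(key);
        s.update(input.getBytes(StandardCharsets.US_ASCII));
        return input + "." + b64(s.sign());
    }

    public static void main(String[] args) throws Exception {
        KeyPairGenerator g = KeyPairGenerator.getInstance("RSA");
        g.initialize(2048);
        KeyPair issuer = g.generateKeyPair(); // constructed key pair standing in for the token issuer
        String jwt = sign("{\"alg\":\"RS256\"}", "{\"enduser\":\"alice\"}", issuer.getPrivate());
        System.out.println("accepted user: " + verifiedClaim(jwt, issuer.getPublic(), "enduser"));
        // Same header and signature with the payload swapped: verification must fail.
        String[] p = jwt.split("\\.");
        String altered = p[0] + "." + b64("{\"enduser\":\"admin\"}".getBytes(StandardCharsets.UTF_8)) + "." + p[2];
        try { verifiedClaim(altered, issuer.getPublic(), "enduser"); }
        catch (GeneralSecurityException e) { System.out.println("altered token rejected: " + e.getMessage()); }
    }
}
```

In a multi-tenant deployment, as in suggestion #2, the trusted key would be looked up per tenant from the uploaded certificates instead of being passed in directly.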