[
https://issues.apache.org/jira/browse/AMQ-9244?focusedWorklogId=979084&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-979084
]
ASF GitHub Bot logged work on AMQ-9244:
---------------------------------------
Author: ASF GitHub Bot
Created on: 15/Aug/25 23:07
Start Date: 15/Aug/25 23:07
Worklog Time Spent: 10m
Work Description: mattrpav commented on PR #1480:
URL: https://github.com/apache/activemq/pull/1480#issuecomment-3192969317
I like the idea of a standard oauth2 plugin for authn, but it could be
tricky without a bunch of provider specific plugins to re-work request and
response handler payloads b/c there are subtle differences. Might need that
layer to be pluggable/highly configurable.
Using scope claims for groups (ie authz) is tricky, because some providers
limit the number of available groups provided in the token—- which means users
can’t rely on those tokens for group membership and need to make secondary
lookups for group/role info to a non-standard API.
The flow is simple enough that it would be great if we could use the JDK
http client.
Issue Time Tracking
-------------------
Worklog Id: (was: 979084)
Time Spent: 3h 20m (was: 3h 10m)
> Add JWT authentication plugin
> -----------------------------
>
> Key: AMQ-9244
> URL: https://issues.apache.org/jira/browse/AMQ-9244
> Project: ActiveMQ Classic
> Issue Type: Task
> Components: Security/JAAS
> Reporter: Jean-Baptiste Onofré
> Assignee: Jean-Baptiste Onofré
> Priority: Major
> Time Spent: 3h 20m
> Remaining Estimate: 0h
>
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
For further information, visit: https://activemq.apache.org/contact
