Hello,
I've just started writing a CXF REST Client and had a look at JAX-RS JOSE for
using JWT with JWS.
Unfortunately I'm not sure how to use it after reading the documentation at:
http://cxf.apache.org/docs/jax-rs-jose.html
I need a login with user/password and authenticate against my own data store.
After that I would like to use JWT for all subsequent requests to the other
REST Services.
I'm not sure which filters and providers I have to use and how they can be
configured to be used only for all other Services excluding the login?
My setup uses an Application implementation to register the services, providers
etc.
I tried exending JwtAuthenticationFilter and adding a NameBinding but this
seems to be ignored and still be used for the login service.
My idea is to let the LoginService implement JoseJwtProducer, check user and
password and than issue a JwtToken in response to be used for further requests.
This token should get checked in the AuthenticationFilter.
Another question: How do I initialize they Keys for JOSE in my case?
My environment: CXF 3.1.16 running in Embedded Jetty in Equinox OSGi for
testing.
Any help is appreciated even if somebody can only answer one of my questions.
Kind regards,
Rabea