Please remove me from the mailing list. thx
> Am 25.02.2019 um 15:28 schrieb Jean-Louis Monteiro <[email protected]>: > > Yes that correct. > You need to plugin that producer and the producer is the one that can > leverage mp-config and the same property names. > > This way, when switching to next TomEE, you only need to yank that producer > and it should work out of the box. > > -- > Jean-Louis Monteiro > http://twitter.com/jlouismonteiro > http://www.tomitribe.com > > > On Mon, Feb 25, 2019 at 10:18 AM COURTAULT Francois < > [email protected]> wrote: > >> Hello Jean-Louis, >> >> I have looked at the samples code. >> As I am using TomEE 7.1.0 (MP JWT 1.0 compliant), I guess I can't use the >> mp.jwt.verify.publickey or mp.jwt.verify.publickey.location and >> mp.jwt.verify.issuer config properties, right ? >> >> Instead, I have to write a XXXMPJWTConfigurationProvider class in order to >> generate a context info having the public key to check the JWT signature, >> right ? >> >> Best Regards. >> >> -----Original Message----- >> From: Jean-Louis Monteiro [mailto:[email protected]] >> Sent: samedi 23 février 2019 11:22 >> To: [email protected] >> Subject: Re: Try to build a JWT sample >> >> Bonjour François, >> >> Is there a way for you to share the project? >> I worked on the JWT implementation and the example, I might be able to >> help. >> -- >> Jean-Louis Monteiro >> >> https://emea01.safelinks.protection.outlook.com/?url=http%3A%2F%2Ftwitter.com%2Fjlouismonteiro&data=02%7C01%7CFrancois.COURTAULT%40gemalto.com%7Cc7d08390db874ae8897408d69978c5fa%7C37d0a9db7c464096bfe31add5b495d6d%7C0%7C0%7C636865141334006978&sdata=ovFBgowFCnAAMD0mMFccdi5ze2SMZPLEPnr9cRDIFqc%3D&reserved=0 >> >> https://emea01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.tomitribe.com&data=02%7C01%7CFrancois.COURTAULT%40gemalto.com%7Cc7d08390db874ae8897408d69978c5fa%7C37d0a9db7c464096bfe31add5b495d6d%7C0%7C0%7C636865141334006978&sdata=we33aDDG%2F2O7KR7Q3yDd7ZyRbgpnYE3p0XEz0OtbjQQ%3D&reserved=0 >> >> >> On Fri, Feb 22, 2019 at 4:56 PM COURTAULT Francois < >> [email protected]> wrote: >> >>> Hello, >>> >>> I try to build a simple sample using TomEE MP 7.1.0 but I get an error >>> and I don't know what's going on or how I can fix that. >>> For that, I have read the microprofile-jwt-auth-spec-1.0.pdf, so in my >>> war application deployed: >>> >>> * I have a public class MPJwtApplication extends Application >>> annotated with @LoginConfig(authMethod = "MP-JWT", realmName = >>> "TCK-MP-JWT") >>> >>> * I have a resource class annotated @Path("resources") >>> @RequestScoped where I have >>> >>> o @Inject private JsonWebToken callerPrincipal; >>> >>> o A @GET public Response test () { System.out.println("JsonWebToken:" >> + >>> callerPrincipal + "."); return Response.ok().build();} >>> >>> >>> >>> In the war deployed, I also have a beans.xml with the following content: >>> >>> <?xml version="1.0" encoding="UTF-8"?> <beans >>> xmlns=" >> https://emea01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fxmlns.jcp.org%2Fxml%2Fns%2Fjavaee&data=02%7C01%7CFrancois.COURTAULT%40gemalto.com%7Cc7d08390db874ae8897408d69978c5fa%7C37d0a9db7c464096bfe31add5b495d6d%7C0%7C0%7C636865141334006978&sdata=SguBgQ1i0q3857p347Kz5DUEBQg0rPB87HEf9RhDLfo%3D&reserved=0 >> " >>> xmlns:xsi=" >> https://emea01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.w3.org%2F2001%2FXMLSchema-instance&data=02%7C01%7CFrancois.COURTAULT%40gemalto.com%7Cc7d08390db874ae8897408d69978c5fa%7C37d0a9db7c464096bfe31add5b495d6d%7C0%7C0%7C636865141334006978&sdata=b7SQw7g52Y8goyvKLR78uR9so5q2D%2BPZH5bAMl%2Bsh1Y%3D&reserved=0 >> " >>> >>> xsi:schemaLocation="https://emea01.safelinks.protection.outlook.com/?u >>> rl=http%3A%2F%2Fxmlns.jcp.org%2Fxml%2Fns%2Fjavaee&data=02%7C01%7CF >>> rancois.COURTAULT%40gemalto.com%7Cc7d08390db874ae8897408d69978c5fa%7C3 >>> 7d0a9db7c464096bfe31add5b495d6d%7C0%7C0%7C636865141334006978&sdata >>> =SguBgQ1i0q3857p347Kz5DUEBQg0rPB87HEf9RhDLfo%3D&reserved=0 >>> >> https://emea01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fxmlns.jcp.org%2Fxml%2Fns%2Fjavaee%2Fbeans_1_1.xsd&data=02%7C01%7CFrancois.COURTAULT%40gemalto.com%7Cc7d08390db874ae8897408d69978c5fa%7C37d0a9db7c464096bfe31add5b495d6d%7C0%7C0%7C636865141334006978&sdata=UAMyzrxk%2BU2%2BMxNBvKe%2FFGTkQmFj7xq%2BtJC8YFrWWuk%3D&reserved=0 >> " >>> bean-discovery-mode="all"> >>> >>> </beans> >>> >>> >>> >>> Using Soap UI, I send a GET HTTP request with an Authorization header: >>> bearer <JWT Base 64 encoded>, the error I get is: >>> >>> 22-Feb-2019 15:32:43.729 WARNING [http-nio-8080-exec-20] >>> org.apache.cxf.phase.PhaseInterceptorChain.doDefaultLogging >>> Application { >>> https://emea01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fjwt. >>> mp%2F&data=02%7C01%7CFrancois.COURTAULT%40gemalto.com%7Cc7d08390db >>> 874ae8897408d69978c5fa%7C37d0a9db7c464096bfe31add5b495d6d%7C0%7C0%7C63 >>> 6865141334006978&sdata=5gjcfEjv5a%2BqTNyXk1ztdt1pnLE5JIevOexg28%2F >>> cWlU%3D&reserved=0}MPJwtResource has thrown exception, unwinding >>> now >>> org.apache.cxf.interceptor.Fault: WebBeans producer : currentPrincipal >>> return type in the component implementation class : >>> org.apache.tomee.microprofile.jwt.cdi.MPJWTProducer scope type must be >>> @Dependent to create null instance >>> >>> >>> >>> I was expecting to have the callerPrincipal set to null but why this >>> CDI @Dependent scope error stuff ? >>> >>> >>> Any idea ? >>> >>> Best Regards. >>> ________________________________ >>> This message and any attachments are intended solely for the >>> addressees and may contain confidential information. Any unauthorized >>> use or disclosure, either whole or partial, is prohibited. >>> E-mails are susceptible to alteration. Our company shall not be liable >>> for the message if altered, changed or falsified. If you are not the >>> intended recipient of this message, please delete it and notify the >> sender. >>> Although all reasonable efforts have been made to keep this >>> transmission free from viruses, the sender will not be liable for >>> damages caused by a transmitted virus. >>> >> ________________________________ >> This message and any attachments are intended solely for the addressees >> and may contain confidential information. Any unauthorized use or >> disclosure, either whole or partial, is prohibited. >> E-mails are susceptible to alteration. Our company shall not be liable for >> the message if altered, changed or falsified. If you are not the intended >> recipient of this message, please delete it and notify the sender. >> Although all reasonable efforts have been made to keep this transmission >> free from viruses, the sender will not be liable for damages caused by a >> transmitted virus. >>
