Hi,

my current version of CAS is 6.6.0.

I'm using JWT with CAS and I set these configs:
cas.authn.token.crypto.enabled=true
cas.authn.token.crypto.encryptionEnabled=true
cas.authn.token.crypto.signingEnabled=true
cas.authn.token.crypto.alg=A256CBC-HS512
cas.authn.token.crypto.signing.key=***
cas.authn.token.crypto.signing.keySize=512
cas.authn.token.crypto.encryption.key=***
cas.authn.token.crypto.encryption.keySize=512

When I log in on a specific service, CAS generates a valid JWT, but in 
the header it puts a random "kid" each time:
{
  "alg": "HS512",
  "typ": "JWT",
  "kid": "56179e82-c6cb-4661-a181-aa2a6fb8b3c7"
}

So I can't validate this JWT with a jwk url, because the "kid" changes each 
time. Is there a way to generate a static "kid"? Am I missing some 
configuration?

With CAS 6.5.2 the "kid" isn't generated at all with the same configuration.
