Yes, at the moment the we only support receiving a token provided in the Authentication header field. We don't provide the standard endpoints for token acquisition and refresh.
On Fri, Oct 4, 2019 at 4:14 PM John Blum <jb...@pivotal.io> wrote: > So application developer's will need to know to code their application > client's to lookup the JWT token (from some store) and set HTTP request > headers to send the token, or will this be handled automatically by a geode > client? > > On Fri, Oct 4, 2019 at 11:37 AM Jinmei Liao <jil...@pivotal.io> wrote: > > > yes, correct, we are assuming the client will have the token available > > somehow and send in the token in the authentication header. We are not > > doing anything with actual token management. > > > > On Fri, Oct 4, 2019 at 11:34 AM Jens Deppe <jde...@pivotal.io> wrote: > > > > > So, to be clear, we're providing the ability to recognize a HTTP > > > authentication header containing 'Bearer <some encoded token string>' > and > > > then handing that to the Security Manager to do with as it pleases? > > > > > > We're not doing anything with actual token management? (i.e. > generating, > > > revoking, etc.). > > > > > > --Jens > > > > > > On Fri, Oct 4, 2019 at 10:59 AM Jinmei Liao <jil...@pivotal.io> wrote: > > > > > > > Hi, all > > > > > > > > JWT token based authentication support is added to Geode develop > > branch. > > > > Currently only management v2 rest api can use this (we can add dev > rest > > > > there too if requested). In order to turn on token based auth for > > > > management rest api, you will need to do these two things: > > > > 1. start your locator with this property: > > > > *security-auth-token-enabled-components = all (or management)* > > > > 2. implement your SecurityManager to authenticate the jwt token > passed > > > in. > > > > The jwt token will be available in the properties using the key > > > > "security-token". > > > > > > > > Let me know if you have any questions. > > > > > > > > -- > > > > Cheers > > > > > > > > Jinmei > > > > > > > > > > > > > -- > > Cheers > > > > Jinmei > > > > > -- > -John > john.blum10101 (skype) > -- *Joris Melchior * CF Engineering Pivotal Toronto 416 877 5427 “Programs must be written for people to read, and only incidentally for machines to execute.” – *Hal Abelson* <https://en.wikipedia.org/wiki/Hal_Abelson>
