I would love implementing the mp jwt spec at Geronimo. But I've not closely followed the discussions and current state. So I cannot really make an educated guess right now about whether it already makes sense to implement it.
Although I think it cannot be wrong to start tinkering with it in a separate component. And then we know a lot better what it is able to do and what not. This is not yet a guarantee that we release anything in that direction. But by playing with it we don't lose anything. In the worst case we learn a lot ;)

LieGrue,
strub

> On 30.07.2017 at 23:58, Romain Manni-Bucau <[email protected]> wrote:
>
> On 30 Jul 2017 23:54, "John D. Ament" <[email protected]> wrote:
>
> On Sun, Jul 30, 2017 at 5:44 PM Romain Manni-Bucau <[email protected]> wrote:
> Is there any actual spec?
>
> Not sure what you mean. Rhetorical question?
>
> No no, for now MP is a lot of marketing - server part is nothing for instance. If no spec but future specs I'd wait until it is close to release.
>
> For jwt we can impl from scratch, it is not hard and would avoid a big dep and enable some consistency using jsonb.
>
> JWT is a lot more complicated than that. It's more than reading the JSON, but also ensuring proper crypto signatures, on the generation and consumption side. You need to be able to reach out to other servers to fetch keys and handle extra validation checks. There's a standard set of claims that's being requested as well. Yes, the json smart dependency bites, maybe we can convince the author to switch to the javax.json namespace?
>
> It is trivial to impl on java once you have json link, ~200 lines for the needed part. Javax.json is maybe not right but building on it sounds right - actually did on johnzon with quite some success.
>
> On 30 Jul 2017 23:28, "John D. Ament" <[email protected]> wrote:
> All,
>
> I know Mark brought in Config to Geronimo. We have at least 3 more specs coming in MP 1.2 (Fault Tolerance, Health, JWT Processing), possibly Metrics and OpenTracing.
>
> I have a fully functioning JWT Processing impl based on jose ( https://bitbucket.org/connect2id/nimbus-jose-jwt/src ) which I'd be happy to bring over to Geronimo.
>
> Health is a tricky one, may make sense to start from scratch, or bring in pieces of the former Sirona podling to start a health checker.
>
> I had started on a Fault Tolerance implementation, based on the work from failsafe. However, from talking to the developer offline I'm a bit worried about relying on Failsafe.
>
> Any thoughts on bringing these into Geronimo?
>
> John
