Thanks David for the work! The CI looks good (compared to main): https://ci-builds.apache.org/job/Tomee/job/TOMEE-4050/
Gruß Richard Am Montag, dem 03.10.2022 um 21:47 +0200 schrieb Jean-Louis Monteiro: > That sounds great. > Good feature in addition to the bean validation support for claims. > > Thanks David for the hard work on this. > > Only missing part is OpenTracaing as far as I know. > -- > Jean-Louis Monteiro > http://twitter.com/jlouismonteiro > http://www.tomitribe.com > > > On Mon, Oct 3, 2022 at 6:58 PM David Blevins <[email protected] > > > wrote: > > > Hey All, > > > > Provided we can get a good CI build on this PR, we're done with MP > > JWT and > > have some new functionality I'm pretty proud of and had a great > > time > > working on. > > > > - https://github.com/apache/tomee/pull/926 > > > > The new functionality in a nutshell is the ability to dynamically > > resolve > > and rotate JWT validation keys at runtime. It is enabled by > > default for > > HTTP key locations, but can be enabled for any key location. > > > > There's a full set of itests that verify our error handling and > > logging > > for all the various failure/recovery scenarios I could think > > of. Here's a > > good example: > > > > - > > https://github.com/apache/tomee/blob/TOMEE-4050/itests/microprofile-jwt-itests/src/test/java/org/apache/tomee/microprofile/jwt/itest/keys/http/HttpKeyRotationHttp500Test.java > > > > I also wrote up a doc for MP JWT and our custom config properties: > > > > - > > https://github.com/apache/tomee/blob/TOMEE-4050/docs/microprofile/jwt.adoc > > > > If you have a fleet of servers, don't want to hardcode the keys in > > the app > > and need requests to work reliably even when errors occur in key > > rotation, > > this is your feature. > > > > > > -David > > > >
smime.p7s
Description: S/MIME cryptographic signature
