Re: Kerby JWT support

On Tue, Jul 4, 2017 at 3:16 AM, Li, Jiajia wrote: > > Which information in KdcRequest is used? I think the KdcRequest can be > replaced by some class really used in getting AuthorizationData. > Currently I'm using "kdcRequest.isToken()" and "kdcRequest.getToken()". I guess

RE: Kerby JWT support

> Currently I'm using "kdcRequest.isToken()" and "kdcRequest.getToken()". I > guess we could change > the method to just take the kdcRequest.getToken()? Yes, set the AuthToken as the parameter of getIdentityAuthorizationData is a good choice. Thanks Jiajia -Original Message- From:

Re: Kerby JWT support

The problem with this is that it might be too restrictive. What if you wanted access to the client principal or the client address etc. when creating the AuthorizationData? Maybe we could create a new class in kerb-core that encapsulates some of these things that could be used instead? Colm. On

RE: Kerby JWT support

> Maybe we could create a new class in kerb-core that encapsulates some of > these things that could > be used instead? It's a good idea. Thanks Jiajia -Original Message- From: Colm O hEigeartaigh [mailto:cohei...@apache.org] Sent: Tuesday, July 4, 2017 9:54 PM To: