Hello,
 
I've just started writing a CXF REST Client and had a look at JAX-RS JOSE for 
using JWT with JWS.
 
Unfortunately I'm not sure how to use it after reading the documentation at: 
http://cxf.apache.org/docs/jax-rs-jose.html
 
I need a login with user/password and authenticate against my own data store.
After that I would like to use JWT for all subsequent requests to the other 
REST Services.
 
I'm not sure which filters and providers I have to use and how they can be 
configured to be used only for all other Services excluding the login?
 
My setup uses an Application implementation to register the services, providers 
etc.
 
I tried exending JwtAuthenticationFilter and adding a NameBinding but this 
seems to be ignored and still be used for the login service.
 
My idea is to let the LoginService implement JoseJwtProducer, check user and 
password and than issue a JwtToken in response to be used for further requests. 
This token should get checked in the AuthenticationFilter.
 
Another question: How do I initialize they Keys for JOSE in my case?
 
My environment: CXF 3.1.16 running in Embedded Jetty in Equinox OSGi for 
testing.
 
Any help is appreciated even if somebody can only answer one of my questions.
 
Kind regards,
Rabea

Reply via email to