Hi Rabea, What I'd suggest is to have a separate service for handling the initial login and issuing a JWT. Then the services just need to be configured with the JwtAuthenticationFilter, for example:
https://github.com/apache/cxf/blob/7d3cf5784f116f8882badde4f5cb4cb3fd5b03b2/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/jose/jwt/authn-authz-server.xml#L43 One candidate you could use for the separate authentication service is to re-use the CXF SecurityTokenService with a REST interface. For example see this test: https://github.com/apache/cxf/blob/7d3cf5784f116f8882badde4f5cb4cb3fd5b03b2/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/rest/STSRESTTest.java#L874 where the STS configuration is defined here: https://github.com/apache/cxf/blob/7d3cf5784f116f8882badde4f5cb4cb3fd5b03b2/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/rest/cxf-rest-sts.xml Colm. On Fri, Aug 10, 2018 at 1:02 PM, Rabea Gransberger <rgransber...@gmx.de> wrote: > Hello, > > I've just started writing a CXF REST Client and had a look at JAX-RS JOSE > for using JWT with JWS. > > Unfortunately I'm not sure how to use it after reading the documentation > at: http://cxf.apache.org/docs/jax-rs-jose.html > > I need a login with user/password and authenticate against my own data > store. > After that I would like to use JWT for all subsequent requests to the > other REST Services. > > I'm not sure which filters and providers I have to use and how they can be > configured to be used only for all other Services excluding the login? > > My setup uses an Application implementation to register the services, > providers etc. > > I tried exending JwtAuthenticationFilter and adding a NameBinding but this > seems to be ignored and still be used for the login service. > > My idea is to let the LoginService implement JoseJwtProducer, check user > and password and than issue a JwtToken in response to be used for further > requests. This token should get checked in the AuthenticationFilter. > > Another question: How do I initialize they Keys for JOSE in my case? > > My environment: CXF 3.1.16 running in Embedded Jetty in Equinox OSGi for > testing. > > Any help is appreciated even if somebody can only answer one of my > questions. > > Kind regards, > Rabea > -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com