Hi Rabea,

What I'd suggest is to have a separate service for handling the initial
login and issuing a JWT. Then the services just need to be configured with
the JwtAuthenticationFilter, for example:

https://github.com/apache/cxf/blob/7d3cf5784f116f8882badde4f5cb4cb3fd5b03b2/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/jose/jwt/authn-authz-server.xml#L43

One candidate you could use for the separate authentication service is to
re-use the CXF SecurityTokenService with a REST interface. For example see
this test:

https://github.com/apache/cxf/blob/7d3cf5784f116f8882badde4f5cb4cb3fd5b03b2/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/rest/STSRESTTest.java#L874

where the STS configuration is defined here:

https://github.com/apache/cxf/blob/7d3cf5784f116f8882badde4f5cb4cb3fd5b03b2/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/rest/cxf-rest-sts.xml

Colm.

On Fri, Aug 10, 2018 at 1:02 PM, Rabea Gransberger <rgransber...@gmx.de>
wrote:

> Hello,
>
> I've just started writing a CXF REST Client and had a look at JAX-RS JOSE
> for using JWT with JWS.
>
> Unfortunately I'm not sure how to use it after reading the documentation
> at: http://cxf.apache.org/docs/jax-rs-jose.html
>
> I need a login with user/password and authenticate against my own data
> store.
> After that I would like to use JWT for all subsequent requests to the
> other REST Services.
>
> I'm not sure which filters and providers I have to use and how they can be
> configured to be used only for all other Services excluding the login?
>
> My setup uses an Application implementation to register the services,
> providers etc.
>
> I tried exending JwtAuthenticationFilter and adding a NameBinding but this
> seems to be ignored and still be used for the login service.
>
> My idea is to let the LoginService implement JoseJwtProducer, check user
> and password and than issue a JwtToken in response to be used for further
> requests. This token should get checked in the AuthenticationFilter.
>
> Another question: How do I initialize they Keys for JOSE in my case?
>
> My environment: CXF 3.1.16 running in Embedded Jetty in Equinox OSGi for
> testing.
>
> Any help is appreciated even if somebody can only answer one of my
> questions.
>
> Kind regards,
> Rabea
>



-- 
Colm O hEigeartaigh

Talend Community Coder
http://coders.talend.com

Reply via email to