[jbossts-issues] [JBoss JIRA] (JBTM-3309) Investigate using MicroProfile JSON Web Token to secure interaction with an LRA coordinator
Mayank Kunwar (Jira)
issues at jboss.org
Mon Jun 15 08:41:10 EDT 2020
[ https://issues.redhat.com/browse/JBTM-3309?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Mayank Kunwar updated JBTM-3309:
--------------------------------
Status: Pull Request Sent (was: Open)
Git Pull Request: https://github.com/jbosstm/narayana/pull/1636
> Investigate using MicroProfile JSON Web Token to secure interaction with an LRA coordinator
> -------------------------------------------------------------------------------------------
>
> Key: JBTM-3309
> URL: https://issues.redhat.com/browse/JBTM-3309
> Project: JBoss Transaction Manager
> Issue Type: Enhancement
> Components: LRA
> Affects Versions: 5.10.4.Final
> Reporter: Michael Musgrove
> Assignee: Mayank Kunwar
> Priority: Critical
>
> The Narayana implementation of the MicroProfile LRA specification uses a JAX-RS filter to communicate with a remote coordinator. The interaction is currently insecure. This issue is to investigate the best way of securing this channel. Since the JAX-RS filter is applied to the MicroProfile service we should initially investigate the MicroProfile security solution (MicroProfile JSON Web Token).
--
This message was sent by Atlassian Jira
(v7.13.8#713008)
More information about the jbossts-issues
mailing list