Darran Lofthouse reassigned WFLY-12951:
---------------------------------------
Assignee: (was: Darran Lofthouse)
JWT signed by 1024 bit long key is rejected
-------------------------------------------
Key: WFLY-12951
URL: https://issues.redhat.com/browse/WFLY-12951
Project: WildFly
Issue Type: Bug
Components: MP JWT
Reporter: Darran Lofthouse
Priority: Major
According to the MP-JWT 1.1 specification, 1024 and 2048 bit key sizes must be supported.
However, when a JWT signed by a 1024 bit long key is presented to the server, it is
rejected and the client receives an "Unauthorized" (code 401) message.
See chapter 9.2. Supported Public Key Formats:
{quote}
Support for RSA Public Keys of 1024 or 2048 bits in length is required. Other key sizes
are allowed, but should be considered vendor-specific.
{quote}