Ok thank you.
I think I will speak to you more once I have this initial MicroProfile JWT
integration complete. One of the motivations of MP-JWT is the ability to
add an annotation to the Application to activate the mechanism whilst
avoiding the need to edit the web.xml. However two updates are still
required to the web.xml to make authentication mandatory (which is
restricted to being path based) and to enable access control.
Those remaining two point I think we can discuss but it may also be worth
raising in the MicroProfile group to see if there is interest in getting
the behaviour spec defined.
On Tue, Nov 5, 2019 at 12:40 AM Ron Sigal <rsigal(a)redhat.com> wrote:
I haven't interacted with that piece of RESTEasy. Purely Bill
On 11/4/19 4:37 PM, Alessio Soldano wrote:
On Fri, Nov 1, 2019 at 7:16 PM Darran Lofthouse <
> I have found the following that answers my question: -
> So overall I both need to switch on support for the annotations AND
> configure a path based security constraint in the web.xml to trigger
> Have there been any discussions on looking into this further? It seems
> plausible that authentication could be triggered in the event a role is
> required if authentication has not already been performed: -
No discussion here recently AFAIR. Maybe Ron remembers anything?
I'm fine evaluating possible RFE anyway.
> Darran Lofthouse.
> On Fri, Nov 1, 2019 at 5:23 PM Darran Lofthouse <
> darran.lofthouse(a)jboss.com> wrote:
>> I am presently in the process of adding MicroProfile JWT support to
>> WildFly, most of the code to activate this is now ready but I just wanted
>> to ask for some pointers as to how RestEasy triggers the need for
>> authentication for a request?
>> I have a deployed endpoint annotated with @RolesAllowed, I am about to
>> attach a debugger and look into the call in more detail but thought I would
>> ask here as well if there are any pointers.
>> Darran Lofthouse.
> resteasy-dev mailing list
Associate Manager, Software Engineering
Red Hat <https://www.redhat.com>
resteasy-dev mailing list