[jboss-jira] [JBoss JIRA] (ELY-628) Allow JWT-based token realms to operate in parse-only mode
Pedro Igor (JIRA)
issues at jboss.org
Tue Sep 13 18:21:00 EDT 2016
[ https://issues.jboss.org/browse/ELY-628?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13292944#comment-13292944 ]
Pedro Igor commented on ELY-628:
--------------------------------
In some situations, a JWT-based token realm can be used to only extract identities from tokens without performing validations such as issuer, audience or signatures. For instance, when the mechanism already provides the same validations (or custom validations) supported by the realm.
A driven use case for this issue is Keycloak integration, where Keycloak adapter code (authentication mechanisms) already provides all the necessary checks for JWTs. In this case, the realm is just used to build identities and to trust token evidences passed from the mechanism.
> Allow JWT-based token realms to operate in parse-only mode
> ----------------------------------------------------------
>
> Key: ELY-628
> URL: https://issues.jboss.org/browse/ELY-628
> Project: WildFly Elytron
> Issue Type: Enhancement
> Components: Realms
> Affects Versions: 1.1.0.Beta8
> Reporter: Pedro Igor
> Assignee: Pedro Igor
>
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
More information about the jboss-jira
mailing list