FourtyTwo

Reputation: 754

Why is the JWT token not used for authorization in Payara Micro?

I have followed this example here https://docs.payara.fish/community/docs/5.183/documentation/payara-server/public-api/openid-connect-support.html to add authentication and authorization to my application. However, when I try to call the application with the JWT token in the Authorization header (Authorization: Bearer ey...), it fails and redirects me back to authenticating.

I have this in code:

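import javax.annotation.security.DeclareRoles;
import javax.ws.rs.ApplicationPath;
import javax.ws.rs.core.Application;
import fish.payara.security.annotations.OpenIdAuthenticationDefinition;

// JAX-RS application protected by Payara's OpenID Connect mechanism
@ApplicationPath("/")
@OpenIdAuthenticationDefinition(
        providerURI = "https://my-idp.com/auth",
        clientId = "my-app-id",
        clientSecret = "my-app-secret",
        redirectURI = "http://localhost:8080/myapp/oauth2/callback",
        scope = "openid"
)
@DeclareRoles({"my_role"})
public class MyApp extends Application {

}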

Then for my resource I have:

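import javax.annotation.security.RolesAllowed;
import javax.enterprise.context.RequestScoped;
import javax.ws.rs.GET;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.SecurityContext;

@Path("/my")
@RequestScoped
public class TestResource {

    @Context
    SecurityContext securityContext;

    // Only callers holding my_role may read the authenticated principal's name
    @GET
    @Path("resource")
    @Produces(MediaType.TEXT_PLAIN)
    @RolesAllowed("my_role")
    public String getName() {
        return securityContext.getUserPrincipal().getName();
    }
}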

Does this mean that this feature is not available on Payara Micro? If so, then why does the authorization part work?

Upvotes: 0

Views: 73

Answers (1)

FourtyTwo

Reputation: 754

This is the solution that I ended up doing for my question. I removed the OpenIdAuthenticationDefinition annotation and implemented these interfaces as a solution:

Custom HTTP authentication mechanism:

@Default
@ApplicationScoped
@Path("oauth2")
public class CustomHttpAuthenticationMechanism implements javax.security.enterprise.authentication.mechanism.http.HttpAuthenticationMechanism { ... }

Custom identity store:

@javax.enterprise.context.ApplicationScoped
public class CustomIdentityStore implements javax.security.enterprise.identitystore.IdentityStore { ... }

Custom credential:

class CustomTokenCredential implements javax.security.enterprise.credential.Credential { ... }

Custom principal:

public class CustomPrincipal extends javax.security.enterprise.CallerPrincipal implements javax.security.enterprise.credential.Credential { ... }

Upvotes: 0
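
An added example, not the answerer's code: one way a custom mechanism like the one named in the answer could accept the Authorization: Bearer header, using the Java EE Security API (javax.security.enterprise). The names BearerTokenMechanism and BearerCredential are hypothetical, and the example assumes an IdentityStore bean (such as the answer's CustomIdentityStore) exposes a public validate(BearerCredential) method that verifies the token's signature, issuer, audience and expiry.

```java
import javax.enterprise.context.ApplicationScoped;
import javax.inject.Inject;
import javax.security.enterprise.AuthenticationStatus;
import javax.security.enterprise.authentication.mechanism.http.HttpAuthenticationMechanism;
import javax.security.enterprise.authentication.mechanism.http.HttpMessageContext;
import javax.security.enterprise.credential.Credential;
import javax.security.enterprise.identitystore.CredentialValidationResult;
import javax.security.enterprise.identitystore.IdentityStoreHandler;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

@ApplicationScoped
public class BearerTokenMechanism implements HttpAuthenticationMechanism {

    // Hypothetical credential type carrying the raw token to the identity store.
    public static class BearerCredential implements Credential {
        private final String token;
        public BearerCredential(String token) { this.token = token; }
        public String getToken() { return token; }
    }

    @Inject
    private IdentityStoreHandler identityStores; // dispatches to the IdentityStore beans

    @Override
    public AuthenticationStatus validateRequest(HttpServletRequest request,
            HttpServletResponse response, HttpMessageContext context) {
        String header = request.getHeader("Authorization");
        if (header == null || !header.regionMatches(true, 0, "Bearer ", 0, 7)) {
            // No bearer token: answer protected resources with 401 instead of
            // redirecting to the IdP; leave public resources unauthenticated.
            return context.isProtected() ? context.responseUnauthorized() : context.doNothing();
        }
        String token = header.substring(7).trim();
        if (token.isEmpty()) {
            return context.responseUnauthorized();
        }
        // The identity store must verify signature, issuer, audience and expiry
        // before returning VALID; this class never trusts token contents itself.
        CredentialValidationResult result = identityStores.validate(new BearerCredential(token));
        if (result.getStatus() == CredentialValidationResult.Status.VALID) {
            // Registers the caller principal and groups with the container.
            return context.notifyContainerAboutLogin(result);
        }
        return context.responseUnauthorized();
    }
}
```

Any status other than VALID, including NOT_VALIDATED when no store handles the credential type, ends in a 401, so an unverified token never reaches the resource.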
