The purpose here is to add a new JAAS LoginModule allowing authentication based on JWT.
We can use Nimbus JWT dependency to deal with that.
The idea is:
- Introduce a new
OAuth2LoginModule to be used by the JaasAuthenticationPlugin, similar to the existing PropertiesLoginModule or LDAPLoginModule.
- Validates tokens locally, to avoid systematic call to the IdP on every connection.
- The OAuth2 configuration (issuer, claim, etc) is defined in the
conf/login.config as other LoginModules.
- The user pass the token as "password"
The purpose here is to add a new JAAS LoginModule allowing authentication based on JWT.
We can use Nimbus JWT dependency to deal with that.
The idea is:
OAuth2LoginModuleto be used by theJaasAuthenticationPlugin, similar to the existingPropertiesLoginModuleorLDAPLoginModule.conf/login.configas otherLoginModules.