Uploaded image for project: 'JBoss Transaction Manager'
  1. JBoss Transaction Manager
  2. JBTM-3309

Investigate using MicroProfile JSON Web Token to secure interaction with an LRA coordinator

XMLWordPrintable

    • Icon: Enhancement Enhancement
    • Resolution: Done
    • Icon: Critical Critical
    • 5.11.0.Final
    • 5.10.4.Final
    • LRA
    • None

      The Narayana implementation of the MicroProfile LRA specification uses a JAX-RS filter to communicate with a remote coordinator. The interaction is currently insecure. This issue is to investigate the best way of securing this channel. Since the JAX-RS filter is applied to the MicroProfile service we should initially investigate the MicroProfile security solution (MicroProfile JSON Web Token).

            [JBTM-3309] Investigate using MicroProfile JSON Web Token to secure interaction with an LRA coordinator

            Mayank Kunwar (Inactive) added a comment - - edited

            I have added a quickstart for securing LRA coordinator endpoints, using JWT security mechanism over WildFly application server.

            And created new issue to add another quickstart to demonstrate the same over Quarkus application server.

            Mayank Kunwar (Inactive) added a comment - - edited I have added a quickstart for securing LRA coordinator endpoints, using JWT security mechanism over WildFly application server. And created new issue  to add another quickstart to demonstrate the same over Quarkus application server.

              mkunwar1 Mayank Kunwar (Inactive)
              rhn-engineering-mmusgrov Michael Musgrove
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

                Created:
                Updated:
                Resolved: