Uploaded image for project: 'JBoss Transaction Manager'
  1. JBoss Transaction Manager
  2. JBTM-3404

Creating quickstart for securing Narayana LRA endpoints, using Json web token on Quarkus

    XMLWordPrintable

Details

    • Enhancement
    • Resolution: Done
    • Major
    • None
    • None
    • LRA
    • None

    Description

      The Narayana implementation of the MicroProfile LRA specification uses a JAX-RS filter to communicate with a remote coordinator. The interaction is currently insecure. 

      This issue is created in order to, introduce a quickstart for securing LRA coordinator endpoints when deployed on Quarkus application server using JWT (json web token) authorization security mechanism.

      The quickstart will show, how we can authorize LRA coordinator endpoints by just with some web.xml configuration or something similar, so that there are no code changes required in the LRA coordinator code base.

      Attachments

        Issue Links

          is blocked by

          Enhancement - An enhancement to or refactoring of existing functionality that is not configurable by an end user (typically a change made by an internal team that affects users) JBTM-3309 Investigate using MicroProfile JSON Web Token to secure interaction with an LRA coordinator

          • Critical - To be worked on immediately following BLOCKER issues.
          • Closed

          Activity

            People

              Unassigned Unassigned
              mkunwar1 Mayank Kunwar (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: