Uploaded image for project: 'WildFly Core'
  1. WildFly Core
  2. WFCORE-7347

Update the token realm so we can specify a remote URL to obtain the key

XMLWordPrintable

    • Icon: Feature Request Feature Request
    • Resolution: Unresolved
    • Icon: Major Major
    • None
    • None
    • Security
    • None

      We already have JKU support to retrieve a key but this is an alrernative to inlining a public key in the config where JKUs are not used.

      We should also consider configuration to timeout and update the retrieved key.

      Also after a failed signature verification we may want to dynamically obtain the key again, for this last point we should only do so if we have not retrieved the key recently to avoid being used to DOS the server hosting the key.

              Unassigned Unassigned
              darran.lofthouse@redhat.com Darran Lofthouse
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated: