You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@knox.apache.org by "Larry McCay (JIRA)" <ji...@apache.org> on 2013/04/03 20:31:15 UTC

[jira] [Commented] (KNOX-12) Configure aliases for JWT signature verification

    [ https://issues.apache.org/jira/browse/KNOX-12?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13621150#comment-13621150 ] 

Larry McCay commented on KNOX-12:
---------------------------------

consider using jwk or jku in order to get the public key that corresponds to the key used for the signature. See: http://tools.ietf.org/html/draft-ietf-jose-json-web-signature-08.
                
> Configure aliases for JWT signature verification
> ------------------------------------------------
>
>                 Key: KNOX-12
>                 URL: https://issues.apache.org/jira/browse/KNOX-12
>             Project: Apache Knox
>          Issue Type: Bug
>          Components: Server
>    Affects Versions: 0.2.0
>            Reporter: Larry McCay
>              Labels: JWT, Security, Signature
>   Original Estimate: 24h
>  Remaining Estimate: 24h
>
> Currently the signature verification assumes that the cert used is the one that represents the gateway-identity.
> We need to be able to configure the alias of the cert for verification based on the issuer of the JWT.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira