JWT RBAC claims and behavior

81 views
Skip to first unread message

sst...@redhat.com

unread,
Jul 7, 2017, 3:45:33 AM7/7/17
to MicroProfile
I have created a pull request (https://github.com/eclipse/microprofile-jwt-auth/pull/3) to update the current spec with some of the discussions as well as start some code prototyping to see how the implementation integrates with container APIs.

Let's continue the discussion in this thread.

John D. Ament

unread,
Jul 7, 2017, 7:11:01 AM7/7/17
to MicroProfile
Scott,

I added some comments to the PR.  I'm not sure if you're purposely mixing impl and tck together, so we may need to be careful.

In addition, do you have an ECA on file? Are you signing your commits?  Please make sure you review the Eclipse contrib process, we're following the "via GitHub" flavor.

sst...@redhat.com

unread,
Jul 18, 2017, 10:14:51 PM7/18/17
to Eclipse MicroProfile
Ok, I have redone the pull request  (https://github.com/eclipse/microprofile-jwt-auth/pull/4) with the following changes:
1. Introduce a proper api abstraction for the JWTCallerPrincipal
2. Added an ri module for a reference implementation that depends on the Keycloak core API jar.
3. Updated the spec to reflect the most recent discussions.

I would like to have a kickoff meet up to discuss the following:

1. General discussion of current state of the specification.
2. Answer questions on the specification or the proposed API/RI.
3. Get into specifics regarding:
  a. The need for a unique_username vs requiring uniqueness on the preferred_username.
  b. Is there agreement on the proposed resource_access encoding of service specific groups/roles?
4. Next steps:
  a. TCK
  b. DefaultServerModule for Java EE 7.
  c. Additional test coverage.

I would like to try to do this Friday, July 21 around 14:00 UTC and will try to add the meeting information to the Microprofile calendar.

sst...@redhat.com

unread,
Jul 18, 2017, 10:40:48 PM7/18/17
to Eclipse MicroProfile
I'm not able to add an event to the MP calendar, so can someone add an "MP JWT Auth" event for this coming Friday at 14:00 UTC/GMT using the following bluejeans URL:


I created a meeting notes doc with the current proposed agenda here:

Emily Jiang

unread,
Jul 19, 2017, 8:43:58 AM7/19/17
to Eclipse MicroProfile
Scott, 

What is the repeating frequency? Weekly?

Emily

sst...@redhat.com

unread,
Jul 19, 2017, 9:22:06 AM7/19/17
to Eclipse MicroProfile
For now, yes weekly will work.

Emily Jiang

unread,
Jul 19, 2017, 10:16:23 AM7/19/17
to Eclipse MicroProfile
Done. Please import the calendar from MP wiki and verify whether it is correct or not.

Emily

sst...@redhat.com

unread,
Jul 21, 2017, 10:03:17 AM7/21/17
to Eclipse MicroProfile
It looks correct, and we are meeting now.
Reply all
Reply to author
Forward
0 new messages