THIS IS A TEST INSTANCE. ALL YOUR CHANGES WILL BE LOST!!!!
...
JOSE is a key piece of advanced OAuth2 and OpenId Connect applications but can also be successfully used for securing the regular HTTP web service communications.
CXF 3.0.x, 3.1.x and 3.2.0 provide a complete implementation of JOSE and offer a comprehensive utility and filter support for protecting JAX-RS services and clients with the help of JOSE.
...
You may also need to include Bouncy CastleBouncyCastle for some of JWE encryption algorithms to be supported:
| Code Block | ||||
|---|---|---|---|---|
| ||||
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-ext-jdk15on</artifactId>
<version>1.54</version>
</dependency>
|
...
Java7 or higher is recommended in most cases.
JWE:
Java6 does not support JWE AES -GCM at all GCM key wrap and content encryption algorithms (while with BouncyCastle it is not possible to submit JWE Header properties as an extra input to the encryption process to get them integrity protected which is not JWE compliant), however with Java 6 one can use AesCbcHmac content encryption if BouncyCastle is installed.
Unlimited JCE Policy for Java 7/8/9 needs to be installed if a size of the encryption key is 256 bits (example, JWE A256GCM).
JWS:
Java 6 should also be fine but note only CXF 3.0.x can be run with Java 6.
JOSE Overview and Implementation
...