...
Step1. Use JoseProducer or JoseJwtProducer
If you need to protect some non JWT property - extend or delegate to JoseProducer:
Code Block | ||
---|---|---|
| ||
import org.apache.cxf.rs.security.jose.common.JoseProducer;
@Path("service1")
public class SecureService extends JoseProducer {
@GET
public String getProtectedValue() {
// encrypt and/or sign the data
return super.processData("some data");
}
}
@Path("service2")
public class SecureService2 {
private JoseProducer producer = new JoseProducer();
@GET
public String getProtectedValue() {
// encrypt and/or sign the data
return producer.processData("some data");
}
} |
If you need to protect some non JWT property - extend or delegate to JoseJwtProducer:
Code Block | ||
---|---|---|
| ||
import org.apache.cxf.rs.security.jose.jwt.JoseJwtProducer;
@Path("service1")
public class SecureService extends JoseJwtProducer {
@GET
public String getProtectedToken() {
// encrypt and/or sign JWT
JwtClaims claims = new JwtClaims();
claims.setIssuer("some issuer");
// set other claims
return super.processJwt(new JwtToken(claims));
}
}
@Path("service2")
public class SecureService2 {
private JoseJwtProducer producer = new JoseJwtProducer();
@GET
public String getProtectedValue() {
// encrypt and/or sign JWT
return producer.processData(new JwtToken(new JwtClaims()));
}
} |
In both cases the producer helpers will detect the endpoint specific configuration thus the do not need to be preconfigured - however if needed they have the 'encryptionProvider' and 'signatureProvider' setters which can be used to inject JwsSignatureProvider and/or JweSignatureProvider instances instead.
The producer helpers require a signature creation only by default. Use their 'setJwsRequired' or 'setJwsRequired' properties to customize it - example, disable JWS but require JWE, or enable JWE to get JWS-protected data encrypted as well.
Step2. Set the key store location and the algorithm info
Consume JOSE data
Step1. Use JoseConsumer or JoseJwtConsumer
Step2. Set the key store location and the algorithm info
Produce and Consume JOSE data
Step1. Use JoseProducerConsumer or JoseJwtProducerConsumer
Step2. Set the key store location and the algorithm info
Configuration
CXF JOSE configuration provides for loading JWS and JWE keys and supporting various processing options. Configuration properties can be shared between JWS and JWE processors or in/out only JWS and or JWE properties can be set.
...