Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Wrong behavior in Using JWT RBAC guide

See original GitHub issue

Following the Using JWT RBAC guide section “finally-secured-access-to-securedroles-allowed” the expected curl result is hello + jdoe@quarkus.io, isSecure: false, authScheme: MP-JWT, hasJWT: true but the outcome differs.

Also this warning is reported: WARN: Unrecognized configuration key "quarkus.smallrye-jwt.auth-mechanism" provided

Expected behavior

Expected authScheme: MP-JWT and no WARN report.

Actual behavior

authScheme: BASIC in resource report and warning about unrecognized configuration key.

To Reproduce Steps to reproduce the behavior:

  1. git clone https://github.com/quarkusio/quarkus-quickstarts.git
  2. run integratest unit test
  3. test pass but unexpected behavior

Configuration The one provided in quickstart

Environment (please complete the following information):

  • Output of uname -a or ver: Linux 2018-00002 4.4.0-18362-Microsoft #1-Microsoft Mon Mar 18 12:02:00 PST 2019 x86_64 x86_64 x86_64 GNU/Linux
  • Output of java -version: openjdk version "1.8.0_222" OpenJDK Runtime Environment (Zulu 8.40.0.25-CA-linux64) (build 1.8.0_222-b10) OpenJDK 64-Bit Server VM (Zulu 8.40.0.25-CA-linux64) (build 25.222-b10, mixed mode)
  • Quarkus version or git rev: 0.24.0

Issue Analytics

  • State:closed
  • Created 4 years ago
  • Reactions:1
  • Comments:12 (8 by maintainers)

github_iconTop GitHub Comments

1reaction
tunoviccommented, Nov 29, 2019

If quarkus.smallrye-jwt.auth-mechanism property isn’t used anymore (https://quarkus.io/guides/security-jwt#configuration-reference), should it be removed from https://quarkus.io/guides/security-jwt guide?

1reaction
sberyozkincommented, Oct 17, 2019
Read more comments on GitHub >

github_iconTop Results From Across the Web

Using JWT RBAC - Quarkus
This guide explains how your Quarkus application can utilize SmallRye JWT to verify JSON Web Tokens, represent them as MicroProfile JWT ...
Read more >
Using JWT RBAC - Quarkus
This guide explains how your Quarkus application can utilize MicroProfile Json Web Token (JWT) Role-Based Access Control (RBAC) to provide secured access to ......
Read more >
Role based JWT Tokens in ASP.NET Core APIs - Rick Strahl
Today I got stuck in one of those Groundhog Day loops looking at outdated information with JWT Tokens for a Web API with...
Read more >
Eclipse MicroProfile - JWT RBAC Security (MP-JWT)
The first part of this article describes the background and motivation for the MicroProfile JWT RBAC security specification (MP-JWT). The second part of...
Read more >
Enable Role-Based Access Control for APIs - Auth0
When RBAC is disabled, the default behavior is observed; an application can request any permission defined for the API, and the scope claim...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

Investigate possibility to use a lazy threadpool for Quartz backed scheduler

Next page

CORSConfig is not representable as YAML