lucene-solr-user mailing list archives

From Jan Høydahl <jan....@cominvent.com>
Subject Re: Sample JWT Solr configuration
Date Tue, 10 Sep 2019 10:30:26 GMT
I think you are confusing JWK with the JWT token. JWK is only for defining the key, see https://mkjwk.org
for an online JWK generator, you can choose HS256 as algorithm. Put the generated JWK in Solr's
config and also use the generated key to sign your JWT. Then Solr should be able to validate
the JWT.

--
Jan Høydahl, search solution architect
Cominvent AS - www.cominvent.com

> On 10 Sep 2019, at 01:21, Tyrone <tyrone.tse@gmail.com> wrote:
> 
> Jan
> 
> Can my jwk object be something like
> 
> {"alg": "HS256", "typ": "JWT",
> 
> "sub": "1234567890", "name": "John Doe", "iat": 1516239022,
> 
> "k" : "secret-key"}
> 
> Where k is the JWT secret key?
> 
> 
> Sent from my iPhone
> 
>> On Sep 9, 2019, at 1:48 AM, Jan Høydahl <jan.asf@cominvent.com> wrote:
>> 
>> In your security.json, add a JWK matching your signing algorithm, using the "jwk" JSON key.
>> 
>> Example:
>> "jwk" : { "kty" : "oct", "kid" : "0afee142-a0af-4410-abcc-9f2d44ff45b5", "alg" : "HS256", "k" : "FdFYFzERwC2uCBB46pZQi4GG85LujR8obt-KWRBICVQ" }
>> 
>> Of course you need to find a way to encode your particular secret in JWK format; there should be plenty of tools available for that. If you intend to use a symmetric key in prod, you have to configure Solr so that security.json is not readable by anyone but the admin!
>> 
>> Jan Høydahl
>> 
>>> On 9 Sep 2019, at 05:46, Tyrone <tyrone.tse@gmail.com> wrote:
>>> 
>>> HS256
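
The JWK/JWT split discussed in this thread, as an added example that is not part of the original messages and is not Solr's own code: the JWK wraps only the secret, and the JWT carries the header and claims and is signed with that same secret. The 32-byte secret and the `demo-key` kid are constructed sample values, and the helper names are hypothetical.

```python
import base64
import hashlib
import hmac
import json

def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")

def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def make_jwk(secret: bytes, kid: str) -> dict:
    """The JWK only describes the key: no 'sub', 'iat' or other claims belong here."""
    if len(secret) < 32:  # RFC 7518: HS256 needs a key of at least 256 bits
        raise ValueError("HS256 secret must be at least 32 bytes")
    return {"kty": "oct", "kid": kid, "alg": "HS256", "k": b64url(secret)}

def _mac(jwk: dict, signing_input: str) -> bytes:
    return hmac.new(b64url_decode(jwk["k"]), signing_input.encode("ascii"), hashlib.sha256).digest()

def sign_jwt(jwk: dict, claims: dict) -> str:
    """The JWT carries header and claims, signed with the key the JWK describes."""
    header = {"alg": "HS256", "typ": "JWT", "kid": jwk["kid"]}
    parts = [b64url(json.dumps(p, separators=(",", ":")).encode()) for p in (header, claims)]
    signing_input = ".".join(parts)
    return signing_input + "." + b64url(_mac(jwk, signing_input))

def verify_jwt(jwk: dict, token: str):
    """Return the claims if the signature checks out under this JWK, else None."""
    try:
        head, body, sig = token.split(".")
        header = json.loads(b64url_decode(head))
        if not isinstance(header, dict) or header.get("alg") != jwk["alg"]:
            return None  # pin the algorithm to the configured key; rejects "none"
        if not hmac.compare_digest(_mac(jwk, f"{head}.{body}"), b64url_decode(sig)):
            return None
        return json.loads(b64url_decode(body))
    except ValueError:  # malformed segments, bad base64 or bad JSON
        return None

if __name__ == "__main__":
    secret = bytes(range(32))  # constructed sample secret; use a random one in practice
    jwk = make_jwk(secret, kid="demo-key")  # this object goes under "jwk" in security.json
    token = sign_jwt(jwk, {"sub": "1234567890", "name": "John Doe", "iat": 1516239022})
    print(json.dumps(jwk))
    print(token)
    print(verify_jwt(jwk, token))
```

This sketch checks only the signature and the algorithm; it does not evaluate `exp` or any other claim.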

