Microservices
Updated On 03 September 2024 |
Min(s) read
Enabling Authentication by using JWT - IRIS
This section helps you to enable authentication using JWT-IRIS.
Prerequisite
- IRIS authentication is deprecated from 202010, Please refer JWT Authentication - MS.
Deployment Artifacts
Party IRF is available as a web archive (war) for J2EE,
J2EE-IRIS : ms-party-j2ee-iris.war
Configuration of JWT
Below Procedure helps to configure JWT
Set the claims that needs to be extracted from the jwt payload and token validation parameters in spring-jwt-iris-authenticator.xml located in the path \WEB-INF\classes\
- Set the value issuer from JWT Token payload (Fabric) and public key in base 64 format in pkEncoded.
Token Validation Parameters<beans:bean id="oidcProviderServer" class="com.temenos.security.oidc.common.OidcProviderServer"> <beans:property name="issuer" value="Fabric" /> <beans:property name="pkEncoded" value="TUlJQklqQU5CZ2txaGtpRzl3MEJBUUVGQUFPQ0FROEFNSUlCQ2dLQ0FRRUF2SjJoQ3pxZXMwUUxkbVJUcFVnSA0KZW9LR1l3QWN5ejZYcTF6cWVBMjdMZWQxbXF5dzZETnJ5enl0bWtCNGNEdUc0cldvQXRydVZiY3ZmUDhVdi9nbg0KVXdDQXg2dzhxb2E4czNqa0ljUFM3QWlwNEFXTkNJNTdaRk9KSU1aNmx3SHRhWEgxaEIvUElnYk54NjlIb3VkSw0KSUc2WDZRdlZlOUtYbWhlbytVbGZsakE1Mm4zWmY5QnlRKy9xQ2w3eXJwcENQYk5PUHFraHBNQ0ZtQ0VrMjQxTg0KWDdxRlZKZTg0M1YzbnJwcXdJejROaVh5cjc0bFVaYVRGNUs0VHNZdnUreDBWemthRnpWUWlpUEw5QmVCZGZDMw0KYlA4cGJZMFd6MFFGQk1DRUJQRERzWWdEczZXcXBWam5CcklWTmVJdGZWY2hjK2JwZFNnWVVZRUR3RGlVczdpQg0KOFFJREFRQUI=" /> <beans:property name="pkCertEncoded" value="" /> <beans:property name="pkCertFilePath" value="" /> <beans:property name="pkJwksUri" value="" /> <beans:property name="decryptingJwkEncoded" value="" /> <beans:property name="principalClaim" value="sub" /> </beans:bean> - Set the list of claims to be extracted from JWT as shown below, if required.Claims
<beans:bean id="requiredFields" class="com.temenos.irf.web.security.jwt.parser.RequiredFieldsExtractor"> <beans:property name="claimsToExtract"> <beans:map> <beans:entry key="" value="" /> </beans:map> </beans:property> </beans:bean>
In this topic