You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: README.md
+3-4
Original file line number
Diff line number
Diff line change
@@ -4,17 +4,16 @@
4
4
# tomcat-jwt-security
5
5
This project aims to bring JWT token authentication capabilities into **Tomcat 8**, implementing an authentication filter as a Tomcat Valve. JWT manipulation is based on [java-jwt](https://github.com/auth0/java-jwt) project.
6
6
7
-
From version `3.0.0`, **OpenID Connect** JWT ID tokens are supported.
8
-
9
7
For Tomcat 7, please use [version 1.1.0](https://github.com/andreacomo/tomcat-jwt-security/releases/tag/tomcat-jwt-security-1.1.0) or clone [tomcat-7 branch](https://github.com/andreacomo/tomcat-jwt-security/tree/tomcat-7).
10
8
11
9
Valve-based authentication is supposed to work along with Java **standard security constraints** placed in your *web.xml* file and will leave your server **stateless**: with a JWT token you can keep your Tomcat *free of http session*.
12
10
13
11
From version 3.0.0, several improvements have been made (with *many breaking changes* - please refers to release notes).
14
12
Now you can take advantages of signing and verifying your JWT tokens with:
15
13
16
-
* HMAC algorithms, providing a **secret text** (the legacy approach, available since versions 2.x.x)
17
-
* RSA algorithms, providing a **keystore with a public key**
14
+
**HMAC* algorithms, providing a **secret text** (the legacy approach, available since versions 2.x.x)
15
+
**RSA* algorithms, providing a **keystore with a public key**
16
+
***OpenID Connect** JWT ID tokens are supported.
18
17
19
18
# Getting started
20
19
You can download artifacts (1.a) or build the project on your own (1.b), then configure Tomcat and your security constraints in your project to enable authentication system.
0 commit comments