Uploaded image for project: 'MariaDB MaxScale'
  1. MariaDB MaxScale
  2. MXS-4217

Make JWT signatures configurable

    XMLWordPrintable

Details

    • New Feature
    • Status: Closed (View Workflow)
    • Major
    • Resolution: Fixed
    • None
    • 22.08.0
    • REST-API
    • None

    Description

      The JWT signatures in the REST API currently use HS256 (HMAC with SHA-256) as the only signature algorithm. Adding support for other hash sizes (HS384 and HS512) as well as asymmetric key algorithms (RS, PS, ES and Ed families) makes the security of the tokens used by the API easily controllable by the end user.

      In addition, the ability to share tokens between Maxscale instances can be done by either making the symmetric key used by MaxScale configurable (currently uses a random key) or by adding support for asymmetric key verification using a set of pre-defined certificates.

      Attachments

        Activity

          People

            markus makela markus makela
            markus makela markus makela
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Git Integration

                Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.