[MXS-4217] Make JWT signatures configurable - Jira

XML

Word

Printable

Details

Type: New Feature
Status: Closed (View Workflow)
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 22.08.0
Component/s: REST-API
Labels:
None

Description

The JWT signatures in the REST API currently use HS256 (HMAC with SHA-256) as the only signature algorithm. Adding support for other hash sizes (HS384 and HS512) as well as asymmetric key algorithms (RS, PS, ES and Ed families) makes the security of the tokens used by the API easily controllable by the end user.

In addition, the ability to share tokens between Maxscale instances can be done by either making the symmetric key used by MaxScale configurable (currently uses a random key) or by adding support for asymmetric key verification using a set of pre-defined certificates.

Attachments

Activity

People

Assignee:: markus makela

Reporter:: markus makela

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 2022-07-25 10:08

Updated:: 2024-10-03 15:53

Resolved:: 2022-08-01 06:01

Git Integration

Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.