Details
-
Type:
Improvement
-
Status: Closed
-
Priority:
Major
-
Resolution: Fixed
-
Affects Version/s: None
-
Component/s: JAX-RS Security
-
Labels:None
-
Estimated Complexity:Unknown
Description
CXF already ships DefaultEncryptingOAuthProvider which can be used by the servers to avoid storing the OAuth2 model, it uses a custom seriallization format. It makes sense to offer a provider which uses a JWT token as a properties container before encrypting it.