Major Description
org.apache.cxf.rs.security.jose.common.KeyManagementUtils#loadPersistKeyStore set a keystore in the exchange and org.apache.cxf.rs.security.jose.jwk.JwkUtils#loadJwkSet(org.apache.cxf.message.Message, java.util.Properties, org.apache.cxf.rs.security.jose.common.PrivateKeyPasswordProvider) loads JsonWebKeys which can lead to classcastexception