Supporting authentication through Zowe JWT token
The JWT secret that signs the JWT token is a private key that is generated during Zowe keystore configuration. To support authentication through JWT, perform the following steps.
About this task
- Copy the JWT secret from the API ML installation, as described at the following link:
https://docs.zowe.org/stable/extend/extend-apiml/api-mediation-security.html#authorization
- From the workstation where you installed the Dynamic Workload Console, import the secret into
the trust store by issuing the following command from
<DWC_DIR>/usr/servers/dwcServer/resources/security
:keytool -import -alias <my_secret> -keystore TWSServerTrustFile.jks -file <complete_path>/localhost.keystore.jwtsecret.pem
- Edit the
<DWC_DIR>/usr/servers/dwcServer/server.xml
file as follows:- Add the row
<feature>mpJwt-1.1</feature>
as shown in the following example:<featureManager> <feature>javaee-7.0</feature> <feature>passwordUtilities-1.0</feature> <feature>localConnector-1.0</feature> <feature>mpJwt-1.1</feature> </featureManager>
- Add the following information:
where:<!-- MPJWT configuration --> <mpJwt id="<my_mpJwt>" keyName="<my_secret>" userNameAttribute="sub" ignoreApplicationAuthMethod="false"/>
<my_mpJwt>
- A unique identifier that you define for the MicroProfile JWT (mpJwt).
<my_secret>
- The secret that you imported into the trust store at step 2.
- Add the row
- Save the server.xml file.