Is there a way to prevent MPJwt authenticating unprotected / permitted endpoints. Using Openliberty server

Question

Mpjwt configuration for open liberty server.xml

<mpJwt
   id="keycloakJwt"
   jwksUri="https://auth.ura.go.ug/auth/realms/sso/protocol/openid- connect/certs"
   issuer="https://auth.ura.go.ug/auth/realms/sso"
   userNameAttribute="preferred_username"
   audiences="askura-etax-ws">
</mpJwt>

Unprotected route return the following error when accessed CWWKS5522E: The MicroProfile JWT feature cannot perform authentication because a MicroProfile JWT cannot be found in the request.

@PermitAll
@Path("/test")
public class TestResource {
  @Inject
  AppProperty appProperty;

  @GET
  @Path("/ping")
  @Produces(MediaType.TEXT_PLAIN)
  public String test() {
     return "TEST";
  }
}

score 0 · Answer 1 · answered Aug 31 '21 at 13:02

The code around the CWWKS5522E message was recently updated in https://github.com/OpenLiberty/open-liberty/pull/15606 in 21.0.0.2 to not be issued when the resource is unprotected. Please confirm if you are using at least that release or a newer one. If you are, please open an issue in https://github.com/OpenLiberty/open-liberty/issues and we can assist you in debugging your problem.

Regards,

Teddy

Is there a way to prevent MPJwt authenticating unprotected / permitted endpoints. Using Openliberty server

1 Answers1