unecessary steps since adding ssl trustDefaultCerts="true" #220
Conversation
…n Liberty's ssl element (tlsSecurity.xml)
authentication/README.md
Outdated
| @@ -132,7 +132,7 @@ com.ibm.ws.authentication.internal.assertion=true, | |||
| com.ibm.wssi.security.oidc.client.credential.storing.utc.time.milliseconds=1669040483111, | |||
| id_token=eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJVMVZadVY1S18zbWNGclprVnJFSGFnQWxDaWV2S0ZjOTNoLWVMQ2lMR2hrIn0.eyJleHAiOjE2NjkwNDA3ODMsImlhdCI6MTY2OTA0MDQ4MywiYXV0aF90aW1lIjoxNjY5MDQwNDgyLCJqdGkiOiI0YjQ5ZTkxZC1lODBkLTQyYTAtYTUxYi04YzY4Nzc5MDI1ZTIiLCJpc3MiOiJodHRwczovL2tleWNsb2FrLW1hdHRlc3QuYXBwcy5vY3AtcHNpdC1hZG8uY3AuZnlyZS5pYm0uY29tL3JlYWxtcy9vZG0iLCJhdWQiOiJvZG0iLCJzdWIiOiIxNDE4ZmY0OS04MjU4LTQzZjItODM5Yi01ZjJlMTEzNTc4MjciLCJ0eXAiOiJJRCIsImF6cCI6Im9kbSIsInNlc3Npb25fc3RhdGUiOiJkMDYyNTA5NC1iNDQ5LTQxYWItYWUwMy0zYWY4MDBjNjU2NGEiLCJhdF9oYXNoIjoieWdMM0xOQnNoVWEybVhsOWxqS3hZUSIsImFjciI6IjEiLCJzaWQiOiJkMDYyNTA5NC1iNDQ5LTQxYWItYWUwMy0zYWY4MDBjNjU2NGEiLCJlbWFpbF92ZXJpZmllZCI6dHJ1ZSwibmFtZSI6IkpvaG4gRG9lIiwiZ3JvdXBzIjpbInJ0c0NvbmZpZ01hbmFnZXJzIiwicmVzQWRtaW5pc3RyYXRvcnMiLCJyZXNNb25pdG9ycyIsInJ0c0FkbWluaXN0cmF0b3JzIiwicnRzSW5zdGFsbGVycyIsInJlc0RlcGxveWVycyIsInJ0c1VzZXJzIiwicmVzRXhlY3V0b3JzIl0sInByZWZlcnJlZF91c2VybmFtZSI6ImpvaG5kb2VAbXljb21wYW55LmNvbSIsImdpdmVuX25hbWUiOiJKb2huIiwiZmFtaWx5X25hbWUiOiJEb2UiLCJlbWFpbCI6ImpvaG5kb2VAbXljb21wYW55LmNvbSJ9.NBbZPp6Mymve3mLVyE0zKgW-yN1VZvZ5FnmpP93ImMDtMc2yYRw9wxZzQ_eZLsAulyR-SlkxIWhMESKcoIKW8Scm23rJembUgyfJ82btGBGAOIXAQDtN7rnGq4_6U6gUaUA7OIswErii4zG3GmXSLu3COBsAIYRaIPtGc_X1OM-bfc9jeGI8H2yK8y9MnlsvTTRaNT6YRNja-yuQKcVe3dukDb7hL5FvBCAWjWnZ0bocQobeYuXp3xV8I8j4z3hC-HAPmvSrgHOEJhokPNKlBfnACE4-1TFzu5fJQztbb8MfzCwVzvpLTmkTdTe3NMk7UDnrUYLfGtiGarGuOOAUYw, ... | |||
| ``` | |||
|
|
|||
| <!-- markdown-link-check-disable-next-line --> | |||
| Introspecting the **id_token** with [https://jwt.io](https://jwt.io), you should get: | |||
There was a problem hiding this comment.
It's probably not your text (I didn't check the history) but I'd recommend against putting any specific site or even tool to inspect JWT. Imagine this site is hacked somehow, we would trustfully redirect customers to some devil site. I'd rephrase just with Introspecting the **id_token**, you should get:
There was a problem hiding this comment.
Good thinking!
Since we have a replacement let's suggest to use the DevToyz app instead
https://devtoys.app/
There was a problem hiding this comment.
Mmmh I'd say no, for same reason (if somebody hacks devtoys.app)... Or at least just mention the name of the tool without providing any URL. It will be up to the user to determine whether s·he wants to use it or any other tool:
Introspecting the **id_token** (for instance with DevToys), you should get:
There was a problem hiding this comment.
Do you have an opinion @lgrateau ?
There was a problem hiding this comment.
I removed the reference/suggestion to use DevToys
remove steps no longer needed since adding trustDefaultCerts="true" in Liberty's ssl element (see odm-ondocker/common/config/tlsSecurity.xml)