  1. OpenIDM
  2. OPENIDM-11422

Session JWT key usage is not clear

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: OpenIDM 6.0.0
    • Fix Version/s: 6.0.0.1
    • Component/s: documentation
    • Story Points:
      1
    • Sprint:
      OpenIDM Sprint 6.5-6

      Description

      IDM docs...

      This section of the doc:

      https://backstage.forgerock.com/docs/idm/6/integrators-guide/#supported-session-modules

      highlights the keyAlias for the JWT_SESSION module, but doesn't really explain what that keyAlias is for.  The keyAlias refers to a boot.properties item &{openidm.https.keystore.cert.alias} which translates to the openidm-localhost alias in a default config.

      Then, this section:

      https://backstage.forgerock.com/docs/idm/6/integrators-guide/#display-keystore-over-rest

      says that openidm-jwtsessionhmac-key is used by the session JWT module to encrypt session cookies.

      It's not clear what the relationship is between these things, or how/why/if the session module uses these different aliases.

              People

              • Assignee:
                Mike2 Mike Jang [X] (Inactive)
                Reporter:
                andrew.potter Andrew Potter
              • Votes:
                0
                Watchers:
                6