Skip to content
This repository has been archived by the owner. It is now read-only.

righettod/poc-jwt

master
Switch branches/tags
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Introduction

It's the code repository of the OWASP cheatsheet JSON Web Token (JWT) Cheat Sheet for Java.

A web page propose the creation, validation and revocation of the token, see the image below:

Get a token:

Demo1

Token stored in browser session storage:

Demo2

Associated user fingerprint hardened cookie issued to tackle token sidejacking:

Demo3

Verification of the token:

Demo4

Revocation of the token (logout):

Demo5

Verification of the token indicating that the token has been revoked and is not valid anymore:

Demo5

All classes are fully documented.

The project was developed with JAX-RS + Maven under IntelliJ IDEA Community Edition.

Build status

Build Status

Build or Run

You can also use the Run Application running configuration from Intellij project.

Run the following command to create a WAR archive:

mvn clean package

Run the following command to run the prototype (application will be available on https://localhost:8443):

mvn tomcat7:run-war

About

POC about usage of JSON Web Tokens (JWT) in a secure way.

Topics

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published