JWT/OWSM -- SecurityContext Not Populated
(Doc ID 2601220.1)
Last updated on OCTOBER 07, 2022
Applies to:
Oracle Web Services Manager - Version 12.2.1.3.0 and laterInformation in this document applies to any platform.
Symptoms
When trying to call a REST service which is secured via an OWSM "JSON Web Token" (JWT) policy, the JWT passed along with the request is successfully verified against said policy.
However, the Subject/SecurityContext is *NOT* populated correctly.
There is no error but the results are wrong
As an example of a test run, the return is not correct:
user: null # Not OK -- expected: <USER>
<role1>: false # Not OK -- expected: true
<role2>: false # Not OK -- expected: true
<role3>: false # OK
<role4>: false # OK
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
Symptoms |
Cause |
Solution |
References |