All Implemented Interfaces:
AuthenticationProvider, OutboundSecurityProvider, SecurityProvider

public final class JwtProvider extends SynchronousProvider implements AuthenticationProvider, OutboundSecurityProvider
Provider that can process JWT tokens in request headers and assert identity (e.g. create a Principal for a SubjectType.USER or SubjectType.SERVICE. This provider can also propagate identity using JWT token, either by creating a new JWT or by propagating the existing token "as is". Verification and signatures of tokens is done through JWK standard - two separate JWK files are expected (one for verification, one for signatures).