This repository has been archived by the owner on Dec 6, 2020. It is now read-only.
POC about usage of JSON Web Tokens (JWT) in a secure way.

righettod/poc-jwt

Introduction

This is the code repository for the OWASP cheat sheet "JSON Web Token (JWT) Cheat Sheet for Java".

A web page offers creation, validation and revocation of the token; see the images below:

Get a token:

Demo1

Token stored in browser session storage:

Demo2

Associated user fingerprint, issued as a hardened cookie to tackle token sidejacking:

Demo3

Verification of the token:

Demo4

Revocation of the token (logout):

Demo5

Verification of the token indicating that the token has been revoked and is not valid anymore:

Demo5
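
The fingerprint check and the revocation check from the walkthrough above, as an added example using only the JDK (it is not code from this repository). The class and method names, the cookie name `__Secure-Fgp`, the in-memory revocation set and the placeholder token string are assumptions; verifying the JWT signature is assumed to be done by a JWT library before `accept` is called.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.Base64;
import java.util.Set;
import java.util.concurrent.ConcurrentHashMap;

public class FingerprintDemo {
    private static final SecureRandom RNG = new SecureRandom();
    // Stand-in for a persistent store of revoked-token digests (assumption: in memory).
    private static final Set<String> REVOKED = ConcurrentHashMap.newKeySet();

    static String sha256(String value) throws NoSuchAlgorithmException {
        byte[] d = MessageDigest.getInstance("SHA-256").digest(value.getBytes(StandardCharsets.UTF_8));
        return Base64.getUrlEncoder().withoutPadding().encodeToString(d);
    }

    // Random value that only ever travels in the cookie, never in the token.
    static String newFingerprint() {
        byte[] raw = new byte[50];
        RNG.nextBytes(raw);
        return Base64.getUrlEncoder().withoutPadding().encodeToString(raw);
    }

    // Hardened cookie: not readable from script, HTTPS only, not sent cross-site.
    static String fingerprintCookie(String fingerprint) {
        return "__Secure-Fgp=" + fingerprint + "; SameSite=Strict; HttpOnly; Secure";
    }

    // Accept only if the token is not revoked and the cookie matches the hash claim.
    static boolean accept(String token, String hashClaim, String cookieValue) throws NoSuchAlgorithmException {
        if (cookieValue == null || hashClaim == null || REVOKED.contains(sha256(token))) return false;
        return MessageDigest.isEqual(sha256(cookieValue).getBytes(StandardCharsets.UTF_8),
                                     hashClaim.getBytes(StandardCharsets.UTF_8));
    }

    static void revoke(String token) throws NoSuchAlgorithmException {
        REVOKED.add(sha256(token)); // store a digest, not the token itself
    }

    public static void main(String[] args) throws Exception {
        String fgp = newFingerprint();
        String hashClaim = sha256(fgp);             // value placed in the token's claims
        String token = "header.payload.signature";  // constructed placeholder for a signed JWT
        System.out.println("Set-Cookie: " + fingerprintCookie(fgp));
        System.out.println("token + own cookie:   " + accept(token, hashClaim, fgp));
        System.out.println("token + other cookie: " + accept(token, hashClaim, newFingerprint()));
        revoke(token);
        System.out.println("after logout:         " + accept(token, hashClaim, fgp));
    }
}
```

A token copied out of session storage fails the check because the matching cookie is `HttpOnly` and stays in the original browser.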

All classes are fully documented.

The project was developed with JAX-RS + Maven under IntelliJ IDEA Community Edition.

Build or Run

You can also use the Run Application run configuration from the IntelliJ project.

Run the following command to create a WAR archive:

mvn clean package

Run the following command to run the prototype (application will be available on https://localhost:8443):

mvn tomcat7:run-war
