Overview
Currently, CasWAF relies on an embedded certificate for JWT handling during initialisation. CasWAF should support dynamic certificate fetching from a JWKS (JSON Web Key Set) endpoint at runtime.
Use Case Example
A person responsible for deployment sets the environment variable, or proper config during deployment:
/conf/app.conf
casdoorEndpoint = https://door.example.com
Upon startup, casWAF fetches the latest keys from casdoor endpoint, allowing the deployment to automatically trust tokens signed by the external provider without manual certificate management.
Overview
Currently, CasWAF relies on an embedded certificate for JWT handling during initialisation. CasWAF should support dynamic certificate fetching from a JWKS (JSON Web Key Set) endpoint at runtime.
Use Case Example
A person responsible for deployment sets the environment variable, or proper config during deployment:
/conf/app.conf
casdoorEndpoint = https://door.example.com
Upon startup, casWAF fetches the latest keys from casdoor endpoint, allowing the deployment to automatically trust tokens signed by the external provider without manual certificate management.