The JWT authentication example in this section modifies the webpage of the Pre-setting page source example in the previous section. Together with the call to the solution, we also submit the JWT. Note that the JWT must be submitted as a string (that is, with quotes around it). In the code listing below, the JWT is highlighted in blue.
The files used in this example are JWT.html and jsonBooks.mtd. Both are located in your (My) Documents MobileTogether folder: MobileTogetherDesignerExamples\Tutorials\EmbeddedWebpageSolutions. To try out the files, deploy the MTD file to your server, and enable JWT authentication in the server settings (see next section below). If newuser is not registered on your server, it will automatically be imported as a user, and the login will be successful. However, you will need to set permissions so that the container of jsonBooks.mtd can be accessed. If needed, modify the HTML code so that the correct workflow is targeted.
The JWT in this example file was created with the Audience claim set to www.altova.com and the Subject claim (which specifies the user name) set to newuser. The secret used to generate this JWT is gQkhVQPKkNYts3CraUsmmF6RyEvTCFnt.
In order for the server to decrypt and verify the JWT sent by the webpage, JWT authentication must be enabled in the server settings (screenshot below) with the following two settings:
•The secret used to generate the JWT: gQkhVQPKkNYts3CraUsmmF6RyEvTCFnt
•The value of the Audience claim that was used to generate the JWT: www.altova.com
|Note:||Additionally, remember to set permissions so that the container of jsonBooks.mtd can be accessed by newuser.|