JSON Web Token (JWTs) have emerged as the de-facto modern standard for authentication in HTTP applications as they are widely used by OAuth 2 and OpenID Connect providers. Despite this support for JWT authentication is patchy across different Java server runtimes, and the flexibility in the JWT specifications means that even when JWTs are used, their usage differs widely depending on the identity provider that issued the JWT.
These libraries provide a generic capability for doing authentication with JWTs, with implementation
libraries for different Java servlet runtimes - Servlet 3.x (javax.servlet), Servlet 5.x
(jakarta.servlet) and JAX-RS 3.x (jakarta.ws.rs). Verification support is
pluggable with generic JWKS (JSON Web Key Set) verification as used by OAuth 2/OpenID Connect providers, and
AWS ELB support provided out of the box.
JWT Servlet Auth is a set of Java library distributed with Maven, follow the README instructions for how to depend on the library.
Source Code for the library may be obtained from the GitHub repository.