We’re excited to announce our latest release of Imixs-Security OIDC, a powerful new OpenID Connect (OIDC) library for Jakarta EE 10 applications. This new release represents a significant milestone in our open source security toolkit, bringing enterprise-grade authentication capabilities to Jakarta EE applications.
Why Another OpenID Connect Library?
While Jakarta EE 10 introduced native OpenID Connect support through Eclipse Soteria 3.0, this default implementation shows some gaps that needed addressing for real-world enterprise applications. The primary limitation of the existing solution is their focus solely on browser-based user flows, leaving a significant gap for API authentication scenarios.
Imixs-Security-OIDC brings a new flexible solution providing comprehensive support for both – browser based OpenID Connect login and Bearer Token authentication. The later is a crucial requirement for modern applications that need to integrate with external systems via REST APIs.
Key Advantages Over Existing Solutions
🔐 Comprehensive Authentication Support
- Browser-based OpenID Connect flows (similar to Eclipse Soteria)
- Bearer Token authentication for REST API integration
- Seamless integration with external systems and microservices
🏗️ True Jakarta EE Portability
Imixs-Security-OIDC is designed as a portable library that can be integrated into any Jakarta EE application running on all Jakarta EE platforms. This ensures your authentication layer remains vendor independent and interoperable across different Jakarta EE implementations. So there is no custom configuration necessary to deploy your application on different server platforms like Wildfly, Payara, OpenLiberty, etc. .
⚡ Enterprise-Ready Features
Imixs-Security-OIDC is built for Jakarta EE 10 and later specifications. It leverages the Jakarta EE Security API and supports CDI specification for an easy integration. The library is Open source with active community support
- Jakarta Security 3.0 integration
- CDI-based dependency injection
- Standards-compliant OpenID Connect implementation
- Configurable through standard Jakarta EE mechanisms
Perfect for Modern Enterprise Scenarios
Consider a typical enterprise scenario: Your Jakarta EE application serves both a web interface for users and REST APIs for external partner systems. With traditional solutions, you’d need separate authentication mechanisms. Imixs-Security-OIDC handles both seamlessly with a unified configuration.
Imixs-Security 3.0.0 supports scenarios where applications need to:
- Integrate with external APIs using Bearer Token authentication
- Support both web UI and API clients from a single security configuration
- Maintain portability across different Jakarta EE application servers
- Implement enterprise-grade security without vendor lock-in
Getting Started
The library is designed for straightforward integration into existing Jakarta EE projects. Just add a Maven Dependency to your project:
<dependency>
<groupId>org.imixs.security</groupId>
<artifactId>imixs-oidc</artifactId>
<version>3.0.0</version>
</dependency>Detailed documentation, configuration examples, and integration guides are available in our GitHub repository: https://github.com/imixs/imixs-security/tree/main/imixs-oidc
Looking Forward
Imixs-Security 3.0.0 represents our commitment to providing enterprise-grade security solutions for the Jakarta EE community. As the ecosystem continues to evolve, we’re dedicated to ensuring that developers have access to robust, portable, and feature-complete security tools.
The addition of Bearer Token support addresses a critical gap in the current Jakarta EE security landscape, enabling developers to build truly modern applications that can seamlessly integrate with the broader ecosystem of services and APIs.
Community and Contributions
As with all Imixs projects, Imixs-Security is completely open source and welcomes community contributions. Whether you’re implementing OpenID Connect authentication in your Jakarta EE application or need advanced Bearer Token support for API integration, we’d love to hear about your use cases and experiences.
For detailed implementation guides, configuration examples, and API documentation, visit our GitHub repository. Join our community discussions and help shape the future of Jakarta EE security.