Jakartaee auth0

[moksamedia]

This blog post has the following features:

• A GitHub Repository with a polished README
• A GitHub Repository under the github.com/oktadev account
• A title that's approved by Dev Advocacy
• A URL that's approved by Dev Advocacy
• The content has been run through Grammarly (https://www.grammarly.com/)
• Rendered locally and confirmed that no Markdown typos exist

[netlify]

✅ Deploy Preview for okta-blog ready!

Name	Link
🔨 Latest commit	6451775
🔍 Latest deploy log	https://app.netlify.com/sites/okta-blog/deploys/6408aea105c4480008b495a6
😎 Deploy Preview	https://deploy-preview-1332--okta-blog.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

---

To edit notification comments on pull requests, go to your Netlify site settings.

[mraible]

Nice work, @moksamedia! I added some comments and suggestions. I'll QA next week.

[mraible]

I decided to make this a heading because there's a lot of intro before you get to this section. I could also see rolling it into the next section.

[mraible]

TODO: Update this list to use more recent posts.

[mraible]

@dan-auth0 Do you have a list of popular/related Java blog posts we should add here in the CTA (call to action)?

[mraible]

This scores a 57 on our title analyzer.

Other options:

• Use Jakarta EE 10 with OIDC Authentication: 58
• Jakarta EE 10 with OpenID Connect Authentication: 59
• Get Started with Jakarta EE 10 and OpenID Connect Authentication: 55

[mraible]

Keyword traffic:

• jakarta ee: 9900
• jakarta security: 170
• jakarta ee 10: 8080

To me, it seems we should optimize for "Jakarta EE" and "Jakarta EE 10" in the title and first few headings.

[mraible]

@moksamedia I QA'd this one today and created a PR to update the example.

I'm not sure if I'm configuring the issuer correctly. Here's what I have:

issuerUri=https://dev-06bzs1cu.us.auth0.com

Does it need a trailing slash?

The only other thing I thought is it'd be nice if the user could have success earlier. For example, right after you configure the action, they could run ./mvnw wildfly:run and see a successful login. Then you could walk them through the JWT stuff.

Or maybe you can't just log in? I just tried firing up the app and going to http://localhost:8080. It just says "Forbidden" in my browser and there's a warning in my logs.

11:55:13,682 WARN  [org.jboss.as.weld] (default task-1) WFLYWELD0052: Using deployment classloader to load proxy 
classes for module jakarta.security.enterprise.api. Package-private access will not work. To fix this the module should 
declare dependencies on [org.jboss.weld.core, org.jboss.weld.spi, org.jboss.weld.api]

If I try http://localhost:8080/protected, it gives me a stack trace that starts with:

java.lang.IllegalArgumentException: RESTEASY003720: path param oidcConfig.issuerUri has not been provided by the parameter map

Maybe renaming from OpenId (in Java and properties) to Oidc is not allowed?

[mraible]

Published on the Auth0 blog: https://auth0.com/blog/jakarta-ee-oidc/

Closing this PR since @coltonbeach and I talked and decided Auth0-only content should only be on the Auth0 blog.