ambari-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Robert Levas (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (AMBARI-15479) JwtAuthenticationFilter needs to accommodate null JWT expiration time
Date Tue, 19 Apr 2016 15:08:25 GMT

    [ https://issues.apache.org/jira/browse/AMBARI-15479?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15247927#comment-15247927
] 

Robert Levas commented on AMBARI-15479:
---------------------------------------

Committed to trunk
{noformat}
commit c36e4589197f64dd2f834abf9459d1a1a6d57d29
Author: Larry McCay <lmccay@apache.org>
Date:   Tue Apr 19 10:54:51 2016 -0400
{noformat}

> JwtAuthenticationFilter needs to accommodate null JWT expiration time
> ---------------------------------------------------------------------
>
>                 Key: AMBARI-15479
>                 URL: https://issues.apache.org/jira/browse/AMBARI-15479
>             Project: Ambari
>          Issue Type: Bug
>          Components: ambari-server
>            Reporter: Larry McCay
>            Assignee: Larry McCay
>         Attachments: AMBARI-15479-001.patch, AMBARI-15479-002.patch, AMBARI-15479-003.patch
>
>
> Current validation of the JWT token within the SSO cookie interprets no expiration date
as expired and redirects to acquire a new cookie. In the JWT specification exp is an optional
claim however. KnoxSSO is leveraging this to mean that the token lifecycle should be tied
to that of the SSO cookie itself and not timeout from underneath the cookie.
> This minor change will allow null expiration times within the JWT token to be considered
valid.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message