hadoop-common-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Larry McCay (JIRA)" <j...@apache.org>
Subject [jira] [Created] (HADOOP-12929) JWTRedirectAuthenticationHandler must accommodate null expiration time
Date Wed, 16 Mar 2016 21:24:33 GMT
Larry McCay created HADOOP-12929:
------------------------------------

             Summary: JWTRedirectAuthenticationHandler must accommodate null expiration time
                 Key: HADOOP-12929
                 URL: https://issues.apache.org/jira/browse/HADOOP-12929
             Project: Hadoop Common
          Issue Type: Bug
          Components: security
            Reporter: Larry McCay
            Assignee: Larry McCay


The underlying JWT token within the hadoop-jwt cookie should be able to have no expiration
time. This allows the token lifecycle to be the same as the cookie that contains it.

Current validation processing of the token interprets the absence of an expiration time as
requiring a new token to be acquired. JWT itself considers the exp to be an optional claim.
As such, this patch will change the processing to accept a null expiration as valid for as
long as the cookie is presented.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message