syncope-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ilgrosso <...@git.apache.org>
Subject [GitHub] syncope issue #79: Exposed JWT signature algorithm in security.properties. T...
Date Wed, 27 Jun 2018 07:37:49 GMT
Github user ilgrosso commented on the issue:

    https://github.com/apache/syncope/pull/79
  
    Hi @noorulrazvi-saal, thanks for this PR!
    
    Before merging, could you please:
    1. sign and send an [ICLA](http://syncope.apache.org/contributing#How_do_I_become_a_contributor_or_a_committer)
    1. open an issue on [JIRA](https://issues.apache.org/jira/projects/SYNCOPE?) for such
an improvement
    1. fix the failing tests (maybe the reason is only the default value for algorithm, as
pointed in my previous comemnt):
    ```
    [INFO] Running org.apache.syncope.fit.core.JWTITCase
    [ERROR] Tests run: 12, Failures: 1, Errors: 2, Skipped: 0, Time elapsed: 2.75 s <<<
FAILURE! - in org.apache.syncope.fit.core.JWTITCase
    [ERROR] queryUsingToken  Time elapsed: 0.26 s  <<< ERROR!
    java.security.AccessControlException: Invalid signature found in JWT
    	at org.apache.syncope.fit.core.JWTITCase.queryUsingToken(JWTITCase.java:129)
    [ERROR] tokenValidation  Time elapsed: 0.14 s  <<< ERROR!
    java.security.AccessControlException: Invalid signature found in JWT
    	at org.apache.syncope.fit.core.JWTITCase.tokenValidation(JWTITCase.java:174)
    [ERROR] getJWTToken  Time elapsed: 0.246 s  <<< FAILURE!
    org.opentest4j.AssertionFailedError: expected: <true> but was: <false>
    	at org.apache.syncope.fit.core.JWTITCase.getJWTToken(JWTITCase.java:80)
    ```
    
    Thanks!


---

Mime
View raw message