syncope-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Francesco Chicchiriccò (JIRA) <j...@apache.org>
Subject [jira] [Resolved] (SYNCOPE-1420) Expired Access Tokens might impede successful authentication
Date Fri, 21 Dec 2018 11:04:00 GMT

     [ https://issues.apache.org/jira/browse/SYNCOPE-1420?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Francesco Chicchiriccò resolved SYNCOPE-1420.
---------------------------------------------
    Resolution: Fixed

> Expired Access Tokens might impede successful authentication
> ------------------------------------------------------------
>
>                 Key: SYNCOPE-1420
>                 URL: https://issues.apache.org/jira/browse/SYNCOPE-1420
>             Project: Syncope
>          Issue Type: Bug
>          Components: core
>    Affects Versions: 2.0.11, 2.1.2
>            Reporter: Francesco Chicchiriccò
>            Assignee: Francesco Chicchiriccò
>            Priority: Major
>              Labels: jwt
>             Fix For: 2.0.12, 2.1.3, 3.0.0
>
>
> The {{ExpiredAccessTokenCleanup}} task is set to run every 5 minutes by default: this
timing can be reduced to 2 minutes, but not less - as any other job driven by Quartz.
> It could happen, then, that for a period of at least 2 minutes (5 by default), all authentication
attempts will fail by any user which owns an expired, yet still not removed, Access Token.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Mime
View raw message