[HADOOP-12929] JWTRedirectAuthenticationHandler must accommodate null expiration time - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: None
Component/s: security
Labels:
None

Target Version/s:

2.8.0
Hadoop Flags:

Reviewed

Description

The underlying JWT token within the hadoop-jwt cookie should be able to have no expiration time. This allows the token lifecycle to be the same as the cookie that contains it.

Current validation processing of the token interprets the absence of an expiration time as requiring a new token to be acquired. JWT itself considers the exp to be an optional claim. As such, this patch will change the processing to accept a null expiration as valid for as long as the cookie is presented.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

HADOOP-12929-001.patch
16/Mar/16 21:32
3 kB
Larry McCay
HADOOP-12929-002.patch
17/Mar/16 12:26
4 kB
Larry McCay
HADOOP-12929-003.patch
19/Mar/16 01:26
6 kB
Larry McCay

Activity

People

Assignee:: Larry McCay

Reporter:: Larry McCay

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 16/Mar/16 21:24

Updated:: 21/Mar/16 20:58

Resolved:: 21/Mar/16 20:38