Uploaded image for project: 'Ambari'
  1. Ambari
  2. AMBARI-15479

JwtAuthenticationFilter needs to accommodate null JWT expiration time

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: ambari-server
    • Labels:
      None

      Description

      Current validation of the JWT token within the SSO cookie interprets no expiration date as expired and redirects to acquire a new cookie. In the JWT specification exp is an optional claim however. KnoxSSO is leveraging this to mean that the token lifecycle should be tied to that of the SSO cookie itself and not timeout from underneath the cookie.

      This minor change will allow null expiration times within the JWT token to be considered valid.

        Attachments

        1. AMBARI-15479-003.patch
          3 kB
          Larry McCay
        2. AMBARI-15479-002.patch
          3 kB
          Larry McCay
        3. AMBARI-15479-001.patch
          3 kB
          Larry McCay

          Issue Links

            Activity

              People

              • Assignee:
                lmccay Larry McCay
                Reporter:
                lmccay Larry McCay
              • Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: