Uploaded image for project: 'Ambari'
  1. Ambari
  2. AMBARI-16638

Empty audiences list is treated as deny all for JWT auth

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Critical
    • Resolution: Fixed
    • Affects Version/s: 2.4.0
    • Fix Version/s: 2.4.0
    • Component/s: ambari-server
    • Labels:
      None

      Description

      Currently if ambari.properties contain authentication.jwt.audiences with empty value it is parsed into empty list and leads to denying all tokens.
      Should be treated as "allow all" instead.

        Attachments

        1. AMBARI-16638.patch
          8 kB
          Papirkovskyy Myroslav

          Issue Links

            Activity

              People

              • Assignee:
                mpapirkovskyy Papirkovskyy Myroslav
                Reporter:
                mpapirkovskyy Papirkovskyy Myroslav
              • Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: