Uploaded image for project: 'Hadoop Common'
  1. Hadoop Common
  2. HADOOP-12929

JWTRedirectAuthenticationHandler must accommodate null expiration time

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: security
    • Labels:
      None
    • Target Version/s:
    • Hadoop Flags:
      Reviewed

      Description

      The underlying JWT token within the hadoop-jwt cookie should be able to have no expiration time. This allows the token lifecycle to be the same as the cookie that contains it.

      Current validation processing of the token interprets the absence of an expiration time as requiring a new token to be acquired. JWT itself considers the exp to be an optional claim. As such, this patch will change the processing to accept a null expiration as valid for as long as the cookie is presented.

        Attachments

        1. HADOOP-12929-001.patch
          3 kB
          Larry McCay
        2. HADOOP-12929-002.patch
          4 kB
          Larry McCay
        3. HADOOP-12929-003.patch
          6 kB
          Larry McCay

          Activity

            People

            • Assignee:
              lmccay Larry McCay
              Reporter:
              lmccay Larry McCay
            • Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: