Uploaded image for project: 'Apache Knox'
  1. Apache Knox
  2. KNOX-2620

Signature algorithm mismatch in JWKS resource

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 1.6.0
    • Fix Version/s: 1.6.0
    • Component/s: Server
    • Labels:
      None

      Description

      With KNOX-2570, a new public API endpoint got introduced which returns a JSON that helps to verify the generated tokens. One of the JSON elements in the response indicates the signature algorithm. This alg property is set to RSA instead of the configured/default signature algorithm (this is RS256 if it's not overridden in the topology).

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                smolnar Sandor Molnar
                Reporter:
                smolnar Sandor Molnar
              • Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:

                  Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - 0h
                  0h
                  Logged:
                  Time Spent - 20m
                  20m