Apache NiFi / NIFI-10259

Improve Error Handling for Invalid JWT Bearer Tokens


Details

    • Improvement
    • Status: Resolved
    • Minor
    • Resolution: Fixed
    • None
    • 1.17.0
    • None

    Description

      The default failure handler for Bearer Token authentication returns the WWW-Authenticate HTTP response header for invalid tokens, but does not include any response body. When the user interface provides the Bearer Token in a Cookie header, the failure handler does not remove the cookie. This behavior should be updated to return the error parameters in the response body and return a Set-Cookie header that instructs the browser to remove the cookie.
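
The response the description asks for, as an added example in Python that is not NiFi's own Java code. The cookie name, the JSON body format and the function names are assumptions; none of them comes from the issue.

```python
import json
from http.cookies import SimpleCookie

# Assumed placeholder: the issue does not name the cookie that carries the token.
BEARER_COOKIE = "__Secure-Example-Bearer"


def _quoted(value):
    """Escape backslashes and quotes for an HTTP quoted-string."""
    return value.replace("\\", "\\\\").replace('"', '\\"')


def bearer_failure_response(error, description, cookie_header=None, cookie_path="/"):
    """Return (status, headers, body) for a rejected Bearer Token.

    cookie_header is the raw Cookie request header, or None when the client
    sent the token in an Authorization header instead.
    """
    params = {"error": error, "error_description": description}
    challenge = "Bearer " + ", ".join(
        '{}="{}"'.format(name, _quoted(value)) for name, value in params.items()
    )
    body = json.dumps(params)  # same parameters, now readable by the client
    headers = [
        ("WWW-Authenticate", challenge),
        ("Content-Type", "application/json"),
        ("Content-Length", str(len(body.encode("utf-8")))),
    ]
    # Expire the cookie only when the browser actually presented it.
    if BEARER_COOKIE in SimpleCookie(cookie_header or ""):
        jar = SimpleCookie()
        jar[BEARER_COOKIE] = ""
        morsel = jar[BEARER_COOKIE]
        morsel["path"] = cookie_path  # must match the Path used when it was set
        morsel["max-age"] = 0         # tells the browser to delete the cookie
        morsel["secure"] = True       # browsers ignore __Secure- cookies without it
        morsel["httponly"] = True
        headers.append(("Set-Cookie", morsel.OutputString()))
    return 401, headers, body


if __name__ == "__main__":
    # Constructed request: an expired token delivered in the cookie.
    sample = BEARER_COOKIE + "=aaa.bbb.ccc; theme=dark"
    status, headers, body = bearer_failure_response(
        "invalid_token", "Token expired", cookie_header=sample
    )
    print(status, *headers, body, sep="\n")
```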

          People

            exceptionfactory David Handermann

              Time Tracking

                Estimated: Not Specified
                Remaining: 0h
                Logged: 0.5h
