[
https://issues.apache.org/jira/browse/KNOX-2369?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Sandeep More resolved KNOX-2369.
--------------------------------
Resolution: Fixed
> Knox throws java.lang.IllegalStateException in case of expired or invalid
> token
> -------------------------------------------------------------------------------
>
> Key: KNOX-2369
> URL: https://issues.apache.org/jira/browse/KNOX-2369
> Project: Apache Knox
> Issue Type: Bug
> Components: Server
> Reporter: Sandeep More
> Assignee: Sandeep More
> Priority: Major
> Fix For: 1.5.0
>
> Time Spent: 10m
> Remaining Estimate: 0h
>
> When a request is made to Knox configured with SSOCookieProvider and the
> provided JWT token is expired or invalid (signed using a different key) then
> Knox throws the following exception
> {code}
> Caused by: java.lang.IllegalStateException: Committed
> at
> org.eclipse.jetty.server.HttpChannel.resetBuffer(HttpChannel.java:908)
> at org.eclipse.jetty.server.HttpOutput.resetBuffer(HttpOutput.java:1413)
> at org.eclipse.jetty.server.Response.resetBuffer(Response.java:1132)
> at org.eclipse.jetty.server.Response.sendRedirect(Response.java:496)
> at org.eclipse.jetty.server.Response.sendRedirect(Response.java:505)
> at
> javax.servlet.http.HttpServletResponseWrapper.sendRedirect(HttpServletResponseWrapper.java:176)
> at
> javax.servlet.http.HttpServletResponseWrapper.sendRedirect(HttpServletResponseWrapper.java:176)
> at
> javax.servlet.http.HttpServletResponseWrapper.sendRedirect(HttpServletResponseWrapper.java:176)
> at
> org.apache.knox.gateway.provider.federation.jwt.filter.SSOCookieFederationFilter.sendRedirectToLoginURL(SSOCookieFederationFilter.java:160)
> at
> org.apache.knox.gateway.provider.federation.jwt.filter.SSOCookieFederationFilter.doFilter(SSOCookieFederationFilter.java:152)
> at
> org.apache.knox.gateway.GatewayFilter$Holder.doFilter(GatewayFilter.java:349)
> at
> org.apache.knox.gateway.GatewayFilter$Chain.doFilter(GatewayFilter.java:263)
> at
> org.apache.knox.gateway.webappsec.filter.XSSProtectionFilter.doFilter(XSSProtectionFilter.java:52)
> at
> org.apache.knox.gateway.GatewayFilter$Holder.doFilter(GatewayFilter.java:349)
> at
> org.apache.knox.gateway.GatewayFilter$Chain.doFilter(GatewayFilter.java:263)
> at
> org.apache.knox.gateway.webappsec.filter.XFrameOptionsFilter.doFilter(XFrameOptionsFilter.java:52)
> at
> org.apache.knox.gateway.GatewayFilter$Holder.doFilter(GatewayFilter.java:349)
> at
> org.apache.knox.gateway.GatewayFilter$Chain.doFilter(GatewayFilter.java:263)
> at
> org.apache.knox.gateway.webappsec.filter.CSRFPreventionFilter.doFilter(CSRFPreventionFilter.java:61)
> at
> org.apache.knox.gateway.GatewayFilter$Holder.doFilter(GatewayFilter.java:349)
> at
> org.apache.knox.gateway.GatewayFilter$Chain.doFilter(GatewayFilter.java:263)
> at
> org.apache.knox.gateway.filter.XForwardedHeaderFilter.doFilter(XForwardedHeaderFilter.java:50)
> at
> org.apache.knox.gateway.filter.AbstractGatewayFilter.doFilter(AbstractGatewayFilter.java:58)
> ... 48 more
> {code}
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
