[
https://issues.apache.org/jira/browse/KNOX-2566?focusedWorklogId=575551&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-575551
]
ASF GitHub Bot logged work on KNOX-2566:
----------------------------------------
Author: ASF GitHub Bot
Created on: 01/Apr/21 15:01
Start Date: 01/Apr/21 15:01
Worklog Time Spent: 10m
Work Description: lmccay commented on a change in pull request #427:
URL: https://github.com/apache/knox/pull/427#discussion_r605728496
##########
File path:
gateway-provider-security-jwt/src/main/java/org/apache/knox/gateway/provider/federation/jwt/JWTMessages.java
##########
@@ -69,4 +69,8 @@
text = "The configuration value ({0}) for maximum token
verification cache is invalid; Using the default value." )
void invalidVerificationCacheMaxConfiguration(String value);
+ @Message( level = MessageLevel.ERROR,
Review comment:
okay.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
Issue Time Tracking
-------------------
Worklog Id: (was: 575551)
Time Spent: 1h (was: 50m)
> JWT Token Signature Verification Caching NPE
> --------------------------------------------
>
> Key: KNOX-2566
> URL: https://issues.apache.org/jira/browse/KNOX-2566
> Project: Apache Knox
> Issue Type: Bug
> Components: Server
> Affects Versions: 1.6.0
> Reporter: Philip Zampino
> Assignee: Philip Zampino
> Priority: Major
> Time Spent: 1h
> Remaining Estimate: 0h
>
> For JWT tokens that have not been issued by Knox, but which Knox can verify,
> the signature verification caching enhancement in the JWT providers
> (KNOX-2544) throws a NPE because it's assuming that all JWTs have been issued
> by Knox and have a Knox-token-specific claim.
> The providers should be able to handle these cases without throwing an
> exception.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
