ranger-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Velmurugan Periasamy (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (RANGER-886) RangerSSOAuthenticationFilter needs to accommodate a missing expiration time
Date Wed, 23 Mar 2016 05:42:25 GMT

    [ https://issues.apache.org/jira/browse/RANGER-886?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15207902#comment-15207902
] 

Velmurugan Periasamy commented on RANGER-886:
---------------------------------------------

Thanks for the patch [~lmccay@apache.org]. 

Can you please confirm the use-case where ExpirationTime from Knox SSO will return null?

> RangerSSOAuthenticationFilter needs to accommodate a missing expiration time
> ----------------------------------------------------------------------------
>
>                 Key: RANGER-886
>                 URL: https://issues.apache.org/jira/browse/RANGER-886
>             Project: Ranger
>          Issue Type: Bug
>          Components: Ranger
>            Reporter: Larry McCay
>            Assignee: Larry McCay
>         Attachments: RANGER-886-001.patch
>
>
> The processing of the JWT token used within the KnoxSSO cookie currently decides that
a missing expiration time fails validation. The absence of the expiration time should be interpreted
as no expiration.
> This ties the lifecycle of the JWT token to that of the cookie itself which will generally
be a session cookie.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message