[
https://issues.apache.org/jira/browse/HADOOP-12929?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15205121#comment-15205121
]
Hudson commented on HADOOP-12929:
---------------------------------
FAILURE: Integrated in Hadoop-trunk-Commit #9484 (See
[https://builds.apache.org/job/Hadoop-trunk-Commit/9484/])
HADOOP-12929. JWTRedirectAuthenticationHandler must accommodate null (benoy:
rev e7ed05e4f5b0421e93f2f2cadc5beda3d28b9911)
*
hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/JWTRedirectAuthenticationHandler.java
*
hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/server/TestJWTRedirectAuthentictionHandler.java
> JWTRedirectAuthenticationHandler must accommodate null expiration time
> ----------------------------------------------------------------------
>
> Key: HADOOP-12929
> URL: https://issues.apache.org/jira/browse/HADOOP-12929
> Project: Hadoop Common
> Issue Type: Bug
> Components: security
> Reporter: Larry McCay
> Assignee: Larry McCay
> Attachments: HADOOP-12929-001.patch, HADOOP-12929-002.patch,
> HADOOP-12929-003.patch
>
>
> The underlying JWT token within the hadoop-jwt cookie should be able to have
> no expiration time. This allows the token lifecycle to be the same as the
> cookie that contains it.
> Current validation processing of the token interprets the absence of an
> expiration time as requiring a new token to be acquired. JWT itself considers
> the exp to be an optional claim. As such, this patch will change the
> processing to accept a null expiration as valid for as long as the cookie is
> presented.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
