[
https://issues.apache.org/jira/browse/KNOX-962?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16038984#comment-16038984
]
Larry McCay commented on KNOX-962:
----------------------------------
[~coheigea] - as usual I thank you for this contribution and your dedication to
continual improvement and cleanup! I would like to push this out to a future
release, however - just because we are trying to close down on 0.13.0 and need
to manage the scope to critical issues at this point.
While this is a decent test improvement and I was actually eyeing it up while
adding a recent test, I don't think it is a major issue since the actual
signature verification is done by the nimbus lib. We do need to make sure that
the proper public key is available for use in verification and we should make
sure that we have coverage for that. This may actually require that we do the
verification to be sure.
> Add signature validation tests for the JWT filters
> --------------------------------------------------
>
> Key: KNOX-962
> URL: https://issues.apache.org/jira/browse/KNOX-962
> Project: Apache Knox
> Issue Type: Test
> Reporter: Colm O hEigeartaigh
> Assignee: Colm O hEigeartaigh
> Priority: Minor
> Fix For: 0.14.0
>
> Attachments:
> 0001-KNOX-962-Add-signature-validation-tests-for-the-JWT-.patch
>
>
> Currently we don't test signature validation in the JWT filters - this task
> is to add some tests for this.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
