[
https://issues.apache.org/jira/browse/KNOX-1021?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16153127#comment-16153127
]
J.Andreina commented on KNOX-1021:
----------------------------------
In AbstractJWTFilter#parseExpectedAudiences if check empty string validation
also should be added
{noformat}
protected List<String> parseExpectedAudiences(String expectedAudiences) {
ArrayList<String> audList = null;
// setup the list of valid audiences for token validation
if (expectedAudiences != null) {
// parse into the list
{noformat}
Will soon provide a patch for the same
> Should handle empty string for endpoint token service audience list
> -------------------------------------------------------------------
>
> Key: KNOX-1021
> URL: https://issues.apache.org/jira/browse/KNOX-1021
> Project: Apache Knox
> Issue Type: Bug
> Components: Server
> Reporter: J.Andreina
> Priority: Minor
>
> If knox.token.audience is left empty at endpoint , then an empty
> string is validated against the list of valid token audience list and the
> token is rejected. Admin might expect the same behaviour when the endpoint
> audience is null ( ie. Token should be accepted)
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
