[
https://issues.apache.org/jira/browse/KNOX-2383?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17129712#comment-17129712
]
ASF subversion and git services commented on KNOX-2383:
-------------------------------------------------------
Commit 9b9b4ead5bcd1b40ec9c6efd36d78297857dc6bb in knox's branch
refs/heads/master from Sandor Molnar
[ https://gitbox.apache.org/repos/asf?p=knox.git;h=9b9b4ea ]
KNOX-2383 - Checking token expiration in cache should not depend on the
validate flag (#341)
> Knox token is expired upon immediate token request after creation
> -----------------------------------------------------------------
>
> Key: KNOX-2383
> URL: https://issues.apache.org/jira/browse/KNOX-2383
> Project: Apache Knox
> Issue Type: Bug
> Components: Server
> Affects Versions: 1.5.0
> Reporter: Sandor Molnar
> Assignee: Sandor Molnar
> Priority: Critical
> Labels: TokenAuth, token
> Fix For: 1.5.0
>
> Time Spent: 0.5h
> Remaining Estimate: 0h
>
> *Steps to reproduce*
> # have a topology with JWT federation provider (let's call it
> {{tokenbased)}} and add a valid HDFS UI service in there (the service itself
> does not really matter, it's just the fastest way in my environment to
> reproduce the issue). It's important that you make sure
> {{knox.token.exp.server-managed}} is set to {{true}} for the {{JWT federation
> provider}}.
> # get a Knox delegation token using the {{KNOXTOKEN}} service. It's
> important that you make sure {{knox.token.exp.server-managed}} is set to
> {{true}} for the {{KNOXTOKEN}} service.
> # right after the previous call, try to hit the HDFS UI via the previously
> created {{tokenbased}} topology
> *Current results*
> The last action fails as the JWT provider receives the following error:
> {code:java}
> HTTP ERROR 400 Bad request: token has expired {code}
> *Expected results*
> HDFS UI should have been displayed w/o any issue.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
