pzampino commented on a change in pull request #427:
URL: https://github.com/apache/knox/pull/427#discussion_r605713638
##########
File path:
gateway-provider-security-jwt/src/main/java/org/apache/knox/gateway/provider/federation/jwt/JWTMessages.java
##########
@@ -69,4 +69,8 @@
text = "The configuration value ({0}) for maximum token
verification cache is invalid; Using the default value." )
void invalidVerificationCacheMaxConfiguration(String value);
+ @Message( level = MessageLevel.ERROR,
Review comment:
The context from which this is logged is not applicable to the JWT
scenario. It is only ever logged when the token ID is used as a passcode, which
requires server-managed token state to be enabled because we can't authenticate
based on the ID alone (we need the expiry/metadata). In this context, I believe
this is an error.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
