[jira] [Work logged] (KNOX-3075) JDBC Token State Server not handling -1 Expiry Correctly

Sun, 24 Nov 2024 07:02:25 -0800 


     [ 
https://issues.apache.org/jira/browse/KNOX-3075?focusedWorklogId=945334&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-945334
 ]

ASF GitHub Bot logged work on KNOX-3075:
----------------------------------------

                Author: ASF GitHub Bot
            Created on: 24/Nov/24 15:01
            Start Date: 24/Nov/24 15:01
    Worklog Time Spent: 10m 
      Work Description: smolnar82 opened a new pull request, #970:
URL: https://github.com/apache/knox/pull/970

   ## What changes were proposed in this pull request?
   
   As described in KNOX-3075, when the token TTL was set to -1 (which allows 
creating never-expiring tokens), JDBC TSS threw an `UnknownTokenException`. 
This is wrong. It should have returned the configured `-1` value.
   
   ## How was this patch tested?
   
   I updated existing JUnit tests to handle the path when fetching tokens for a 
user. I also added 2 new test cases to ensure this issue never occurs again.




Issue Time Tracking
-------------------

            Worklog Id:     (was: 945334)
    Remaining Estimate: 0h
            Time Spent: 10m

> JDBC Token State Server not handling -1 Expiry Correctly
> --------------------------------------------------------
>
>                 Key: KNOX-3075
>                 URL: https://issues.apache.org/jira/browse/KNOX-3075
>             Project: Apache Knox
>          Issue Type: Bug
>          Components: JWT
>            Reporter: Larry McCay
>            Assignee: Larry McCay
>            Priority: Major
>             Fix For: 2.1.0
>
>         Attachments: image-2024-11-16-12-02-03-545.png, 
> image-2024-11-16-12-02-34-329.png
>
>          Time Spent: 10m
>  Remaining Estimate: 0h
>
> With server managed state for JWT and passcode tokens and the token state 
> server set to JDBC/Derby, a -1 expiration results in an UnknownTokenException 
> inappropriately.
>  !image-2024-11-16-12-02-03-545.png! 
> The above image shows tokens with Never as the expiration.
>  !image-2024-11-16-12-02-34-329.png! 
> The next image shows that an expiration of -1 will result in the 
> UnknownTokenException.
> Changing back to the Alias based token state server resolved this issue. 
> Since this is no longer the default TSS, we are broken out of the box.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Reply via email to