[jira] [Updated] (NIFI-10259) Improve Error Handling for Invalid JWT Bearer Tokens

David Handermann (Jira) Thu, 21 Jul 2022 16:26:06 -0700


     [ 
https://issues.apache.org/jira/browse/NIFI-10259?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


David Handermann updated NIFI-10259:
------------------------------------
    Status: Patch Available  (was: Open)

> Improve Error Handling for Invalid JWT Bearer Tokens
> ----------------------------------------------------
>
>                 Key: NIFI-10259
>                 URL: https://issues.apache.org/jira/browse/NIFI-10259
>             Project: Apache NiFi
>          Issue Type: Improvement
>          Components: Core Framework, Core UI, Security
>            Reporter: David Handermann
>            Assignee: David Handermann
>            Priority: Minor
>          Time Spent: 10m
>  Remaining Estimate: 0h
>
> The default failure handler for Bearer Token authentication returns the 
> {{WWW-Authenticate}} HTTP response header for invalid tokens, but does not 
> include any response body. When user interface provides the Bearer Token in a 
> Cookie header, the failure handler does not remove cookie. This behavior 
> should be updated to return the error parameters in the response body and 
> return a Set-Cookie header that instructs the browser to remove the cookie.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Updated] (NIFI-10259) Improve Error Handling for Invalid JWT Bearer Tokens

Reply via email to