[jira] [Updated] (NIFI-10259) Improve Error Handling for Invalid JWT Bearer Tokens

Nathan Gough (Jira) Fri, 22 Jul 2022 14:37:04 -0700


     [ 
https://issues.apache.org/jira/browse/NIFI-10259?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Nathan Gough updated NIFI-10259:
--------------------------------
    Fix Version/s: 1.17.0
       Resolution: Fixed
           Status: Resolved  (was: Patch Available)

> Improve Error Handling for Invalid JWT Bearer Tokens
> ----------------------------------------------------
>
>                 Key: NIFI-10259
>                 URL: https://issues.apache.org/jira/browse/NIFI-10259
>             Project: Apache NiFi
>          Issue Type: Improvement
>          Components: Core Framework, Core UI, Security
>            Reporter: David Handermann
>            Assignee: David Handermann
>            Priority: Minor
>             Fix For: 1.17.0
>
>          Time Spent: 0.5h
>  Remaining Estimate: 0h
>
> The default failure handler for Bearer Token authentication returns the 
> {{WWW-Authenticate}} HTTP response header for invalid tokens, but does not 
> include any response body. When user interface provides the Bearer Token in a 
> Cookie header, the failure handler does not remove cookie. This behavior 
> should be updated to return the error parameters in the response body and 
> return a Set-Cookie header that instructs the browser to remove the cookie.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Updated] (NIFI-10259) Improve Error Handling for Invalid JWT Bearer Tokens

Reply via email to