[NIFI-10259] Improve Error Handling for Invalid JWT Bearer Tokens - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Resolved
Priority: Minor
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 1.17.0
Component/s: Core Framework, Core UI, Security
Labels:
None

Description

The default failure handler for Bearer Token authentication returns the WWW-Authenticate HTTP response header for invalid tokens, but does not include any response body. When user interface provides the Bearer Token in a Cookie header, the failure handler does not remove cookie. This behavior should be updated to return the error parameters in the response body and return a Set-Cookie header that instructs the browser to remove the cookie.

Attachments

Issue Links

is related to

NIFI-10216 Refactor Deprecated Usage of WebSecurityConfigurerAdapter

Resolved

relates to

NIFI-10313 Unexpected "Access Token not found"

Resolved

NIFI-10322 invalid_token error after OpenID connect session timeout

Resolved

links to

GitHub Pull Request #6233

Activity

People

Assignee:: David Handermann

Reporter:: David Handermann

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 21/Jul/22 16:13

Updated:: 24/Aug/22 21:52

Resolved:: 22/Jul/22 21:36

Time Tracking

Estimated:

Not Specified

Remaining:

Logged:

0.5h