[SYNCOPE-1420] Expired Access Tokens might impede successful authentication - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 2.0.11, 2.1.2
Fix Version/s: 2.0.12, 2.1.3, 3.0.0-M0
Component/s: core
Labels:
- jwt

Description

The ExpiredAccessTokenCleanup task is set to run every 5 minutes by default: this timing can be reduced to 2 minutes, but not less - as any other job driven by Quartz.

It could happen, then, that for a period of at least 2 minutes (5 by default), all authentication attempts will fail by any user which owns an expired, yet still not removed, Access Token.

Attachments

Activity

People

Assignee:: Francesco Chicchiriccò

Reporter:: Francesco Chicchiriccò

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 21/Dec/18 10:09

Updated:: 17/Jan/19 14:32

Resolved:: 21/Dec/18 11:03