You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@knox.apache.org by "Colm O hEigeartaigh (JIRA)" <ji...@apache.org> on 2017/12/11 12:53:00 UTC

[jira] [Commented] (KNOX-6) Validate audience of JWT

    [ https://issues.apache.org/jira/browse/KNOX-6?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16285850#comment-16285850 ] 

Colm O hEigeartaigh commented on KNOX-6:
----------------------------------------

This issue could be resolved as audience validation is now enabled for JWTFederationFilter.

> Validate audience of JWT
> ------------------------
>
>                 Key: KNOX-6
>                 URL: https://issues.apache.org/jira/browse/KNOX-6
>             Project: Apache Knox
>          Issue Type: Bug
>          Components: Server
>    Affects Versions: 0.2.0
>            Reporter: Larry McCay
>            Assignee: Larry McCay
>              Labels: JWT, Security
>             Fix For: Future
>
>
> Must validate that the audience indicated matches the intended target during JWT validation in JWTFederationFilter.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)