You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@knox.apache.org by "Colm O hEigeartaigh (JIRA)" <ji...@apache.org> on 2017/12/11 12:53:00 UTC
[jira] [Commented] (KNOX-6) Validate audience of JWT
[ https://issues.apache.org/jira/browse/KNOX-6?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16285850#comment-16285850 ]
Colm O hEigeartaigh commented on KNOX-6:
----------------------------------------
This issue could be resolved as audience validation is now enabled for JWTFederationFilter.
> Validate audience of JWT
> ------------------------
>
> Key: KNOX-6
> URL: https://issues.apache.org/jira/browse/KNOX-6
> Project: Apache Knox
> Issue Type: Bug
> Components: Server
> Affects Versions: 0.2.0
> Reporter: Larry McCay
> Assignee: Larry McCay
> Labels: JWT, Security
> Fix For: Future
>
>
> Must validate that the audience indicated matches the intended target during JWT validation in JWTFederationFilter.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)