You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@knox.apache.org by "Sandor Molnar (Jira)" <ji...@apache.org> on 2020/06/09 08:32:00 UTC

[jira] [Updated] (KNOX-2383) Knox token is expired upon immediate token request after creation

     [ https://issues.apache.org/jira/browse/KNOX-2383?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Sandor Molnar updated KNOX-2383:
--------------------------------
    Description: 
*Steps to reproduce*
 # have a topology with JWT federation provider (let's call it {{tokenbased)}} and add a valid HDFS UI service in there (the service itself does not really matter, it's just the fastest way in my environment to reproduce the issue)
 # get a Knox delegation token using the {{KNOXTOKEN}} service. It's important that you make sure {{knox.token.exp.server-managed}} is set to {{true}} for the {{KNOXTOKEN}} service.
 # right after the previous call, try to hit the HDFS UI via the previously created {{tokenbased}} topology

*Current results*

The last action fails as the JWT provider receives the following error:
{code:java}
HTTP ERROR 400 Bad request: token has expired {code}
*Expected results*

HDFS UI should have been displayed w/o any issue.

  was:
*Steps to reproduce*
 # have a topology with JWT federation provider (let's call it {{tokenbased)}} and add a valid HDFS UI service in there (the service itself does not really matter, it's just the fastest way in my environment to reproduce the issue)
 # get a Knox delegation token using the {{KNOXTOKEN}} service. It's important that you make sure {{knox.token.exp.server-managed}} is set to {{true}} for the {{KNOXTOKEN }}service.
 # right after the previous call, try to hit the HDFS UI via the previously created {{tokenbased}} topology

*Current results*

The last action fails as the JWT provider receives the following error:
{code:java}
HTTP ERROR 400 Bad request: token has expired {code}
*Expected results*

HDFS UI should have been displayed w/o any issue.


> Knox token is expired upon immediate token request after creation
> -----------------------------------------------------------------
>
>                 Key: KNOX-2383
>                 URL: https://issues.apache.org/jira/browse/KNOX-2383
>             Project: Apache Knox
>          Issue Type: Bug
>          Components: Server
>    Affects Versions: 1.5.0
>            Reporter: Sandor Molnar
>            Assignee: Sandor Molnar
>            Priority: Critical
>              Labels: TokenAuth, token
>             Fix For: 1.5.0
>
>
> *Steps to reproduce*
>  # have a topology with JWT federation provider (let's call it {{tokenbased)}} and add a valid HDFS UI service in there (the service itself does not really matter, it's just the fastest way in my environment to reproduce the issue)
>  # get a Knox delegation token using the {{KNOXTOKEN}} service. It's important that you make sure {{knox.token.exp.server-managed}} is set to {{true}} for the {{KNOXTOKEN}} service.
>  # right after the previous call, try to hit the HDFS UI via the previously created {{tokenbased}} topology
> *Current results*
> The last action fails as the JWT provider receives the following error:
> {code:java}
> HTTP ERROR 400 Bad request: token has expired {code}
> *Expected results*
> HDFS UI should have been displayed w/o any issue.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)