You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues-all@impala.apache.org by "Jason Fehr (Jira)" <ji...@apache.org> on 2023/06/21 21:28:00 UTC
[jira] [Created] (IMPALA-12232) Impala Verifies JWT Audience and Issuer Claims
Jason Fehr created IMPALA-12232:
-----------------------------------
Summary: Impala Verifies JWT Audience and Issuer Claims
Key: IMPALA-12232
URL: https://issues.apache.org/jira/browse/IMPALA-12232
Project: IMPALA
Issue Type: Improvement
Components: be, Security
Reporter: Jason Fehr
Assignee: Jason Fehr
RFC 8725 contains JWT best practices that state the audience ("AUD") and issuer ("ISS") claims from a JWT should be validated if they are present. Impala currently has no mechanism to validate these claims.
Implement [ISS claim validation|https://datatracker.ietf.org/doc/html/rfc8725#name-validate-issuer-and-subject] and [AUD claim validation|https://datatracker.ietf.org/doc/html/rfc8725#name-use-and-validate-audience].
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-all-unsubscribe@impala.apache.org
For additional commands, e-mail: issues-all-help@impala.apache.org