You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@nifi.apache.org by "David Handermann (Jira)" <ji...@apache.org> on 2022/08/05 12:44:00 UTC
[jira] [Commented] (NIFI-10321) invalid_token error after SAML session timeout
[ https://issues.apache.org/jira/browse/NIFI-10321?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17575822#comment-17575822 ]
David Handermann commented on NIFI-10321:
-----------------------------------------
Thank you for describing the issue [~macdoor615]. The Expired JWT message is expected when the session times out based on the configured value of {{nifi.security.user.saml.authentication.expiration}} in {{nifi.properties}}. It is necessary to initiate a new login to the SAML Identity Provider in order to get a new token.
> invalid_token error after SAML session timeout
> -----------------------------------------------
>
> Key: NIFI-10321
> URL: https://issues.apache.org/jira/browse/NIFI-10321
> Project: Apache NiFi
> Issue Type: Bug
> Components: Core UI
> Affects Versions: 1.17.0
> Environment: CentOS 8, NIFI 1.17.0, Keycloak 19.0.1
> Reporter: macdoor615
> Priority: Major
> Fix For: 1.18.0
>
> Attachments: 截屏2022-08-05 13.31.47.png
>
>
> I follow
> [https://bryanbende.com/development/2021/02/17/apache-nifi-saml-keycloak] to
> config nifi 1.17.0. NIFI can login successful with SAML Authentication with Keycloak 19.0.1. But when nifi times out with SAML session. NIFI UI gives the following error.
> {code:java}
> Unauthorized error="invalid_token", error_description="An error occurred while attempting to decode the Jwt: Expired JWT", error_uri="https://tools.ietf.org/html/rfc6750#section-3.1"{code}
>
>
--
This message was sent by Atlassian Jira
(v8.20.10#820010)