[Red Hat JIRA] (WFLY-13164) When "corrupted" public key is supplied to server, user is not informed

Wednesday, 6 January 2021

    [
https://issues.redhat.com/browse/WFLY-13164?page=com.atlassian.jira.plugi...
] 

Jan Kasik commented on WFLY-13164:
----------------------------------

Hi [~szaldana], sorry I don't remember exact details, but what happened was that this
test was passing with feature branch before it was merged and with WildFly master branch
right after this feature was merged. The commit which broke it must appeared between two
tags, this is why you probably cannot find tagged/released version where this test is
passing.

...
 When "corrupted" public key is supplied to server, user is
not informed
 -----------------------------------------------------------------------

                 Key: WFLY-13164
                 URL: https://issues.redhat.com/browse/WFLY-13164
             Project: WildFly
          Issue Type: Bug
          Components: MP JWT
    Affects Versions: 19.0.0.Beta2, 20.0.0.Beta1
            Reporter: Jan Kasik
            Priority: Critical
         Attachments: CorruptedKeyTest.war

 When corrupted public key (a valid key cannot be extracted from the string value) is
supplied to JWT verifier, user is not informed since there is no error message in log and
clients receives 401 status code in response instead of an error code of 500. 

--
This message was sent by Atlassian Jira
(v8.13.1#813001)

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006