Uploaded image for project: 'WildFly Core'
  1. WildFly Core
  2. WFCORE-5691

Allow setting timeout for token introspection

    XMLWordPrintable

Details

    • Feature Request
    • Resolution: Unresolved
    • Major
    • None
    • 18.0.0.Beta2
    • Security
    • None

    Description

      The OAuth2IntrospectValidator currently doesn't set a connection/read timeout for introspection of the token. The JwtValidator uses a fixed timeout of 2s. Add connectionTimeout and readTimeout parameters to both validators.

      This issue is for follow up in the Elytron subsystem to expose this configuration in the management model.

      Attachments

        Issue Links

          clones

          Task - Represents a small unit of work that is not end-user facing. ELY-2189 Allow setting timeout for token introspection

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Resolved

          Activity

            People

              lvydra Lukas Vydra
              ttarrant@redhat.com Tristan Tarrant
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated: