Lev Himmelfarb

icon company SpaceX icon location Los Angeles

Results 5 comments of Lev Himmelfarb

org.apache.catalina.authenticator.AuthenticatorBase.invoke Failed authenticate() test

Those username and URI strings in your logs are not supposed to be empty. You're correct by approaching the problem by enabling FINE logging and inspecting the logs. My recommendation,...

Extract username from access token

Not sure I follow. If the access token is a JWT, then yes, you can extract all the claims from it. Please explain in more detail.

Extract username from access token

Theoretically speaking, access tokens are not supposed to be parsed by the application, they should be treated as opaque (even if it's a JWT) and only used for authenticating remote...

Scheme is not always HTTPS. For test cases, it could be plain HTTP

The problem is that I can envision a situation when the webapp's login page--the page that, say, shows the button that redirects to the IdP's login page--is not HTTPS. In...

Scheme is not always HTTPS. For test cases, it could be plain HTTP

Can the valve's `hostBaseURI` property be used to resolve this issue?