Early ticket invalidation (qlack2-fuse-ticket-server)
Opened this issue · 0 comments
IoannisKonstantinou commented
Conserning TicketServerServiceImpl class.
The isValid(ticket) function ignores the original duration of the ticket, in favor of autoExtending it. So it may expire before its time.
Scenario:
The server is configured as ticketValidUntil=360000 and ticketAutoExtendDuration=5000.
The ticket will expire 5 seconds after login.