Loading...

XML

Word

Printable

JSON

Type: Task
Resolution: Unresolved
Priority: Major - P3
Fix Version/s: None
Affects Version/s: None
Component/s: None
Labels:
None

Assigned Teams:

Server Security
Sprint:
Security 2024-07-22, Security 2024-08-05, Security 2024-08-19
Confidence Status:
None
Work Order:
3
CAR Domain/s:
None

Aha! Reference:
None
Tracking Level:
None
Risk Status:
None
Exec Notes:
None
Goal Name(s):
None
Goal Link:
None

Create the jwkLifetimeMins server parameter, and use it to set the expiration date on the server-generated JWK keys. Additionally, ensure that we are checking the JWK expiration dates as soon as possible before loading them, and are not using those expired keys to validate tokens.

depends on

SERVER-91645 Build the shard implementation of AuthSessionTokenManager

Needs Scheduling

is depended on by

SERVER-91658 Create a listPublicAuthTokens aggregation doc source

Needs Scheduling

SERVER-91659 Create an expireAuthToken command

Needs Scheduling

SERVER-91661 Create a PeriodicJob to delete expired JWK keys

Needs Scheduling

Assignee:: Unassigned
Reporter:: Erin McNulty
Participants:: Erin McNulty
Votes:: 0 Vote for this issue
Watchers:: 1 Start watching this issue

Created:: Jun 18 2024 06:20:53 PM UTC
Updated:: Aug 19 2024 05:03:20 PM UTC

Details

Description

Attachments

Issue Links

Activity

People

Dates