For OWSM 11.1.1.9 and 12.2.1.0, The Validity Timestamp For The JWT Policy Is Incorrectly Set In Milliseconds (Doc ID 2195022.1)

Last updated on OCTOBER 28, 2016

Applies to:

Oracle Web Services Manager - Version 12.2.1.0.0 and later
Information in this document applies to any platform.

Goal

Using JWT (JSON Web Token) for identity propagation in a RESTful web services context.

Using the OWSM provided oracle/http_jwt_token_client_policy to issue the JWT succeeds, but the validity timestamp is erroneous due to the timestamps being in milliseconds.
This would appear to match the activity in bug 19943252 (JWT TIMESTAMPS ARE IN MILLISECONDS SINCE EPOCH RATHER THAN SECONDS).

The bug is listed as fixed, but the fixes do not appear to be in Fusion Middleware versions 11.1.1.9.0 or 12.2.1.0.0.

Is there a fix available for these versions?
If so, what steps need to be performed in order to get this fix applied to these versions of Fusion Middleware?
 

Solution

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms