For OWSM 220.127.116.11 and 18.104.22.168, The Validity Timestamp For The JWT Policy Is Incorrectly Set In Milliseconds
(Doc ID 2195022.1)
Last updated on OCTOBER 07, 2022
Applies to:Oracle Web Services Manager - Version 22.214.171.124.0 and later
Information in this document applies to any platform.
Using JWT (JSON Web Token) for identity propagation in a RESTful web services context.
Using the OWSM provided oracle/http_jwt_token_client_policy to issue the JWT succeeds, but the validity timestamp is erroneous due to the timestamps being in milliseconds.
This would appear to match the activity in bug 19943252 (JWT TIMESTAMPS ARE IN MILLISECONDS RATHER THAN SECONDS).
The bug is listed as fixed, but the fixes do not appear to be in Fusion Middleware versions 126.96.36.199.0 or 188.8.131.52.0.
Is there a fix available for these versions?
If so, what steps need to be performed in order to get this fix applied to these versions of Fusion Middleware?
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document