Closed ntruchsess closed 1 month ago
Parameter validateLifetime has been added to the configuration of backendservices to enable expiration-check of keycloak-tokens.
without this configuration the backendservices accept expired tokens from keycloak. This is a security-issue.
https://github.com/eclipse-tractusx/portal-backend/issues/586
Link to pull request from other repository. N/A
Please delete options that are not relevant.
Description
Parameter validateLifetime has been added to the configuration of backendservices to enable expiration-check of keycloak-tokens.
Why
without this configuration the backendservices accept expired tokens from keycloak. This is a security-issue.
Issue
https://github.com/eclipse-tractusx/portal-backend/issues/586
Link to pull request from other repository. N/A
Checklist
Please delete options that are not relevant.