wasp.log: Token is invalid.: JWTInvalidException: Token cannot be verified

Article ID: 217943

Updated On:

Products

DX Unified Infrastructure Management (Nimsoft / UIM)

Issue/Introduction

Since ump_operatorconsole 2.10hf2, our wasp has started to continuously log the following error messages.

Jun 03 18:16:52:988 ERROR [https-jsse-nio-443-exec-24, com.firehunter.ump.auth.TokenManager] Failed to validate tokencom.firehunter.ump.exceptions.JWTInvalidException: Token cannot be verified 
Jun 03 18:16:55:462 ERROR [https-jsse-nio-443-exec-19, com.firehunter.ump.utils.SecurityUtil] Token cannot be verifiedjava.lang.IllegalArgumentException: Json Web Token  cannot be verified! 
Jun 03 18:16:55:462 ERROR [https-jsse-nio-443-exec-19, com.firehunter.ump.auth.TokenManager] Failed to validate tokencom.firehunter.ump.exceptions.JWTInvalidException: Token cannot be verified 
Jun 03 18:16:55:462 ERROR [https-jsse-nio-443-exec-19, com.firehunter.ump.auth.JWTVerificationFilter] Token is invalid.:com.firehunter.ump.exceptions.JWTInvalidException: Token cannot be verified 
Jun 03 18:16:55:478 ERROR [https-jsse-nio-443-exec-22, com.firehunter.ump.utils.SecurityUtil] Token cannot be verifiedjava.lang.IllegalArgumentException: Json Web Token  cannot be verified! 
Jun 03 18:16:55:478 ERROR [https-jsse-nio-443-exec-22, com.firehunter.ump.auth.TokenManager] Failed to validate tokencom.firehunter.ump.exceptions.JWTInvalidException: Token cannot be verified 

Are these errors expected? 

Environment

Release : 20.3, 20.4

Component : UIM Operator Console - Inventory

Cause

Working as designed.

Resolution

These errors are logged in wasp.log when a user makes an API call to wasp's webapps with a JWT token that was created with a different sharedSecret (the oc.jwt.sharedSecret config key in wasp.cfg).

A new shared secret is created on every wasp restart. Tokens from all earlier logins no longer work and fail with this error.

According to our development team, these are valid error messages. 

Additional Information

Assume someone logged into OC days ago in a VM and left it open on a page that makes recurring calls, such as the Home overview page or the Groups page. Some time after that, wasp was restarted. The older session's API calls are still hitting the server, causing this error.

The same error occurs when an invalid token is used to access the API resource.
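
The behaviour described under Resolution and Additional Information, as an added example (not Broadcom's or the product's code): a minimal model in which the signing secret is regenerated at every start, so a token issued before a restart fails verification exactly like an altered token. HS256, the TokenService class and every name below are assumptions; the article does not state which algorithm wasp uses.

```python
import base64, hashlib, hmac, json, secrets, time

class JWTInvalid(Exception):
    """Stand-in for the JWTInvalidException seen in wasp.log."""

def b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

class TokenService:
    """Hypothetical model: one instance == one wasp process lifetime."""

    def __init__(self):
        # Assumption: a fresh random secret on each start, as the article describes.
        self._secret = secrets.token_bytes(32)

    def _sign(self, signing_input: str) -> bytes:
        mac = hmac.new(self._secret, signing_input.encode(), hashlib.sha256)
        return b64(mac.digest()).encode()

    def issue(self, user: str, ttl: int = 3600) -> str:
        header = b64(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
        body = b64(json.dumps({"sub": user, "exp": int(time.time()) + ttl}).encode())
        return f"{header}.{body}.{self._sign(header + '.' + body).decode()}"

    def verify(self, token: str) -> dict:
        try:
            header, body, sig = token.split(".")
            # Algorithm is fixed server-side; the token's own header is not trusted.
            if not hmac.compare_digest(sig.encode(), self._sign(header + "." + body)):
                raise ValueError("signature mismatch")
            claims = json.loads(unb64(body))
        except ValueError as exc:  # malformed, altered, or signed with another secret
            raise JWTInvalid("Token cannot be verified") from exc
        if claims["exp"] < time.time():
            raise JWTInvalid("Token expired")
        return claims

def outcome(service: TokenService, token: str) -> str:
    # Returns "ok:<user>" on success, otherwise the rejection message.
    try:
        return "ok:" + service.verify(token)["sub"]
    except JWTInvalid as exc:
        return str(exc)
```

The stale token and the altered token are rejected with the same message, so the error text alone does not show which of the article's two cases produced a given wasp.log entry.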