WSO2 Api Manager - 如何更改 JWT 的过期时间? [英] WSO2 Api Manager - How to change the expiration time of JWT?

问题描述

我想更改在 WSO2 Api Manager 中创建的 JWT 令牌的过期时间.好像默认时间是15分钟.

I want to change the expiration time of JWT token created in WSO2 Api Manager. It seems that the default time is 15 minutes.

{"typ":"JWT","alg":"none"}.
{
"iss": "wso2.org/products/am",
"exp": 1464255150998,
 ...
}

从这个链接 - Wso2 Jira - APIMANAGER-3493 ，看来我们可以使用 APIKeyManager 下/repository/conf/api-manager.xml 中的SecurityContextTTL"属性来更改 JWT 的过期时间.

From this link - Wso2 Jira - APIMANAGER-3493 , it seems that we can use "SecurityContextTTL" property in /repository/conf/api-manager.xml under APIKeyManager to change the expiration time of the JWT.

但我在 api-manager.xml 中找不到此设置(即使是注释掉的配置).我正在使用 wso2am-1.9.1.

But I could not find this setting available in api-manager.xml (not even as a commented out configuration). I am using wso2am-1.9.1.

此属性是否已从配置中删除?如果是，那么我们如何更改 JWT 的过期时间?

Is this property removed from the configurations? If yes, then how can we change the expiration time of the JWT?

是否有任何文档提及此属性及其用途?

Is there any documentation available mentioning about this property and its usage?

任何指针表示赞赏.谢谢.

Any pointers are appreciated. Thanks.

推荐答案

应用如下，在APIKeyValidator部分，

It should be applied as follows, under APIKeyValidator section,

   <APIKeyValidator>
           <SecurityContextTTL>5</SecurityContextTTL>
   </APIKeyValidator>

但是根据你提到的 Jira，这个版本似乎有一个错误.

But as per the Jira you mentioned, it seems there is a bug in this version.

WSO2 已在下一个版本 (2.0.0) 中使用新属性修复了此问题，请参阅 [1].

WSO2 has fixed this in next version(2.0.0), using a new property, see [1].

[1] https://wso2.org/jira/browse/APIMANAGER-4575

这篇关于WSO2 Api Manager - 如何更改 JWT 的过期时间?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！