Expand my Community achievements bar.

AEM 6.1 - java.lang.IllegalArgumentException: Invalid token '' after changing token expiration


Level 3

I attempted to follow the instructions at (1) to set the token expiration down to 15 minutes and have been unable to login again. I'm getting this exception:

11.01.2018 12:26:20.801 *WARN* org.eclipse.jetty.servlet.ServletHandler /

java.lang.IllegalArgumentException: Invalid token ''

at org.apache.jackrabbit.api.security.authentication.token.TokenCredentials.<init>(TokenCredentials.java:42)

at com.day.crx.security.token.impl.TokenAuthenticationHandler.extractCredentials(TokenAuthenticationHandler.java:464)

at org.apache.sling.auth.core.impl.AuthenticationHandlerHolder.doExtractCredentials(AuthenticationHandlerHolder.java:76)

at org.apache.sling.auth.core.impl.AbstractAuthenticationHandlerHolder.extractCredentials(AbstractAuthenticationHandlerHolder.java:60)

at org.apache.sling.auth.core.impl.SlingAuthenticator.getAuthenticationInfo(SlingAuthenticator.java:727)

at org.apache.sling.auth.core.impl.SlingAuthenticator.doHandleSecurity(SlingAuthenticator.java:475)

at org.apache.sling.auth.core.impl.SlingAuthenticator.handleSecurity(SlingAuthenticator.java:460)

at org.apache.sling.engine.impl.SlingHttpContext.handleSecurity(SlingHttpContext.java:121)

at org.apache.felix.http.base.internal.context.ServletContextImpl.handleSecurity(ServletContextImpl.java:339)



I set the values as specified in the document with the exception of the expiration value which I set to 900000 (15 minutes).

I have two questions about my current issue:

1. What do I need to do to successfully change my token expiration time?

2. Is there a way to recover from this problem without having to restore from a backup?



(1) - How to set the Oak login token session expiration

1 Reply



Check the following:

1. The issue can come dueto the white spaces added while configuring "org.apache.jackrabbit.oak.security.authentication.token.TokenConfigurationImpl". Please check for all extra white spaces existing in the configurations and do remove them.

2. AEM unable to login

3. AEM 6.1 + LDAP - Invalid token '' @ TokenCredentials



Level 3

I verified that there is no white space in any of the values set in o.a.j.o.s.a.t.TokenConfigurationImpl. I also tried to delete the cookies as was mentioned in the 'AEM unable to login' thread. Once I change the expiration value I'm essentially locked out of that instance. The one setting I've got a question about is the 'Hash Algorithm'. I'm not certain what should be set there and it's not mentioned in that documentation I linked above.

- Randy

page footer