Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
Bedrock Mission!

Learn more

View all

Sign in to view all badges

AEM 6.1 - java.lang.IllegalArgumentException: Invalid token '' after changing token expiration

Avatar

Level 3

I attempted to follow the instructions at (1) to set the token expiration down to 15 minutes and have been unable to login again. I'm getting this exception:

11.01.2018 12:26:20.801 *WARN* org.eclipse.jetty.servlet.ServletHandler /

java.lang.IllegalArgumentException: Invalid token ''

at org.apache.jackrabbit.api.security.authentication.token.TokenCredentials.<init>(TokenCredentials.java:42)

at com.day.crx.security.token.impl.TokenAuthenticationHandler.extractCredentials(TokenAuthenticationHandler.java:464)

at org.apache.sling.auth.core.impl.AuthenticationHandlerHolder.doExtractCredentials(AuthenticationHandlerHolder.java:76)

at org.apache.sling.auth.core.impl.AbstractAuthenticationHandlerHolder.extractCredentials(AbstractAuthenticationHandlerHolder.java:60)

at org.apache.sling.auth.core.impl.SlingAuthenticator.getAuthenticationInfo(SlingAuthenticator.java:727)

at org.apache.sling.auth.core.impl.SlingAuthenticator.doHandleSecurity(SlingAuthenticator.java:475)

at org.apache.sling.auth.core.impl.SlingAuthenticator.handleSecurity(SlingAuthenticator.java:460)

at org.apache.sling.engine.impl.SlingHttpContext.handleSecurity(SlingHttpContext.java:121)

at org.apache.felix.http.base.internal.context.ServletContextImpl.handleSecurity(ServletContextImpl.java:339)

:

:

I set the values as specified in the document with the exception of the expiration value which I set to 900000 (15 minutes).

I have two questions about my current issue:

1. What do I need to do to successfully change my token expiration time?

2. Is there a way to recover from this problem without having to restore from a backup?

Thanks,

Randy

(1) - How to set the Oak login token session expiration

0 Replies

Avatar

Administrator

Check the following:

1. The issue can come dueto the white spaces added while configuring "org.apache.jackrabbit.oak.security.authentication.token.TokenConfigurationImpl". Please check for all extra white spaces existing in the configurations and do remove them.

2. AEM unable to login

3. AEM 6.1 + LDAP - Invalid token '' @ TokenCredentials

-Kautuk

Avatar

Level 3

I verified that there is no white space in any of the values set in o.a.j.o.s.a.t.TokenConfigurationImpl. I also tried to delete the cookies as was mentioned in the 'AEM unable to login' thread. Once I change the expiration value I'm essentially locked out of that instance. The one setting I've got a question about is the 'Hash Algorithm'. I'm not certain what should be set there and it's not mentioned in that documentation I linked above.

- Randy