Skip to content

Implement Secure JWT Error Handling #2

Description

@viceda-s

Problem: Token validation exceptions are swallowed silently, making it impossible to audit malicious token attempts or debug authentication issues.

Acceptance Criteria:

  • Add explicit log.warn for JwtException inside JwtAuthFilter.
  • Ensure the filter chain continues securely (returning 401 via HttpStatusEntryPoint) without exposing stack traces to the client.

Metadata

Metadata

Assignees

No one assigned

    Labels

    securitySecurity and reliabilitytech-debtTechnical Debt

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions