Java 使用openidConnectClient功能的WAS Liberty中存在无效的cookie标头错误_Java_Websphere Liberty

Java 使用openidConnectClient功能的WAS Liberty中存在无效的cookie标头错误

java

Java 使用openidConnectClient功能的WAS Liberty中存在无效的cookie标头错误,java,websphere-liberty,Java,Websphere Liberty,您好，我正在尝试在WAS Liberty服务器中使用openidConnectClient功能。SSO重定向正常，但经过身份验证后，我在WAS日志中发现以下错误 [WARNING ] Invalid cookie header: "Set-Cookie: bm_sz=E6857FC73F8747AB2F75A793B7D65133~YAAQDSMzuIh7CVtvAQAA4aDhtAZIt/4HtgRF9vJI0bzlLI1nndWBD+73K2ut9qe/cqrPHNtmvr9+f/knnsb

您好，我正在尝试在WAS Liberty服务器中使用openidConnectClient功能。SSO重定向正常，但经过身份验证后，我在WAS日志中发现以下错误

[WARNING ] Invalid cookie header: "Set-Cookie: bm_sz=E6857FC73F8747AB2F75A793B7D65133~YAAQDSMzuIh7CVtvAQAA4aDhtAZIt/4HtgRF9vJI0bzlLI1nndWBD+73K2ut9qe/cqrPHNtmvr9+f/knnsbRz+Ecsc4OtOmry6EdumGHqfyc3A6MM7tRHVtyu6juFPixoH+uCbj4gPzHxnjY9dmIc0iys4FAR7+HDFMZ0eVovgmrGKjfLrB/1a; Domain=.ibm.com; Path=/; Expires=Fri, 17 Jan 2020 23:01:23 GMT; Max-Age=14400; HttpOnly". Invalid 'expires' attribute: Fri, 17 Jan 2020 23:01:23 GMT
[WARNING ] Invalid cookie header: "Set-Cookie: _abck=C18B3D490F8A66E4FB164ACC795BDBE3~-1~YAAQDSMzuIl7CVtvAQAA4aDhtAP6sYDTSY3APsHdSQ5+1dv3bxrSDVeL86hSbZ846hnQ/PG68/ikeHSfmrt8FBq9Ujg9J+4fk5RLRgWelESCkckJA9JMfvY4RArNMk9j5bKClfXuUZ8ajxZs22pzNips6kfh+87M8BhIRisRkpsCKqaSg9FLvdijhTKtLkj/dwTPtQfVSKCwBKfYOFUkUW+Hx/4/UQh2flAXIK/tJLzezGbBvBMDtOhqzyZnPmn9ofgz+i1Ttj9HSi3bAQr+NlvbvjG0791qUFWQTLZPC42Pk2x3ZJot~-1~-1~-1; Domain=.ibm.com; Path=/; Expires=Sat, 16 Jan 2021 19:01:23 GMT; Max-Age=31536000; Secure". Invalid 'expires' attribute: Sat, 16 Jan 2021 19:01:23 GMT

我在server.xml中启用了以下功能

<featureManager>
        <feature>jsp-2.3</feature>
        <feature>localConnector-1.0</feature>
        <feature>jdbc-4.2</feature>
        <feature>servlet-4.0</feature>
        <feature>transportSecurity-1.0</feature>
        <feature>jndi-1.0</feature>
        <feature>openidConnectClient-1.0</feature>
        <feature>appSecurity-2.0</feature>
        <feature>sessionDatabase-1.0</feature>
    </featureManager>

我认为Liberty之外的其他东西正在设置这些cookie，可能是Liberty正在与OIDC提供商交谈，或者是通信路径上的其他东西。Liberty使用的Apache httpcomponents类不喜欢expires属性，因此会记录该警告。它可以在org/apache/http/client/protocol/ResponseProcessCookies.class中找到。由于OIDC客户端不使用这些cookie，我认为您可能可以忽略此警告。您可以通过将跟踪规范设置为包含org.apache.http.client.protocol.*=off来抑制它，谢谢您的回复。我使用IBMID作为OIDC提供程序。我应该将org.apache.http.client.protocol.*=off放在哪个设置文件中是libery？它会像这样放在oidc客户端的server.xml中：我收到相同的错误代码更改，这些警告应该在20.002中消失

Product name: WebSphere Application Server
Product version: 19.0.0.12
Product edition: BASE_ILAN

-----
java version "1.8.0_221"
Java(TM) SE Runtime Environment (build 8.0.5.40 - pwa6480sr5fp40-20190807_01(SR5 FP40))
IBM J9 VM (build 2.9, JRE 1.8.0 Windows 10 amd64-64-Bit Compressed References 20190802_424001 (JIT enabled, AOT enabled)
OpenJ9   - 106f6ce
OMR      - fe07f6f
IBM      - af2a365)
JCL - 20190712_01 based on Oracle jdk8u221-b11