JWT issues #185
Description
Hi.
We have updated our environment from:
Reaper: 3.6.1
K8S Operator: 1.19
Cassandra: 4.1.0
to
Reaper: 4.0.1
K8S Operator: 1.26
Cassandra: 4.10
We know that shiro authentication was replaced with JWT, but it seems we made something wrong in the configuration and kindly ask for your support.
We are getting the following error messages:
reaper WARN [2025-12-05 12:03:23,117] [dw-29 - GET /repair_run?cluster_name=all&limit=10] i.c.a.JwtAuthenticator - Invalid JWT token: JWT expired 245117 milliseconds ago at 2025-12-05T11:59:18.000Z. Current time: 2025-12-05T12:03:23.117Z. Allowed clock skew: 0 milliseconds.
After the restart all seems to be fine and then it starts.
The timeout in the cassandra-reaper.yml is set to: sessionTimeout: PT10M
Perhaps if someone can give us some more insights we understand it a little better ...
Why does this key not getting a new one every 10 minutes?
Which service is responsible that the first key is valid for 10 minutes (operator, cassandra)?
We are wondering why a new reaper pod has not the effect that for 10 minutes all is fine again.
(Until we understand what we made wrong the jwt/secret value in the config is still the default value)