
List:       webservices-general
Subject:    [jira] [Resolved] (WSS-639) IssueInstant NotOnOrAfter is not checked when specified
From:       "Colm O hEigeartaigh (JIRA)" <jira () apache ! org>
Date:       2018-12-19 23:15:00
Message-ID: JIRA.13205403.1545230707000.196921.1545261300605 () Atlassian ! JIRA


     [ https://issues.apache.org/jira/browse/WSS-639?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Colm O hEigeartaigh resolved WSS-639.
-------------------------------------
    Resolution: Not A Problem

> IssueInstant NotOnOrAfter is not checked when specified
> -------------------------------------------------------
> 
> Key: WSS-639
> URL: https://issues.apache.org/jira/browse/WSS-639
> Project: WSS4J
> Issue Type: Bug
> Components: WSS4J Core
> Affects Versions: 2.2.1, 2.2.2
> Reporter: Ralph Bastiaansen
> Assignee: Colm O hEigeartaigh
> Priority: Major
> 
> In org.apache.wss4j.common.saml.SamlAssertionWrapper in method checkIssueInstance,
> line 862. When validTill is not null, no check is performed.
> 
> {code:java}
> // If there is no NotOnOrAfter, then impose a TTL on the IssueInstant.
> if (validTill == null) {
>     currentTime = new DateTime().minusSeconds(ttl);
>     if (issueInstant.isBefore(currentTime)) {
>         LOG.debug("SAML Token IssueInstant not met. The assertion was created too long ago.");
>         throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "invalidSAMLsecurity");
>     }
> }
> {code}
> 



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
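
The TTL fallback quoted in the report, shown beside an explicit NotOnOrAfter check, as an added example that is not WSS4J code and not from the reporter or the project. The class, enum and method names and the `futureTtl` skew parameter are hypothetical, `java.time` is used instead of Joda-Time, and it assumes the caller wants both bounds decided in one place.

```java
import java.time.Duration;
import java.time.Instant;

// Hypothetical helper, not part of WSS4J: one place that decides whether a
// SAML assertion is still fresh, using either NotOnOrAfter or a TTL fallback.
public final class AssertionFreshness {

    public enum Result { OK, EXPIRED_NOT_ON_OR_AFTER, EXPIRED_TTL, ISSUED_IN_FUTURE }

    /**
     * @param issueInstant  IssueInstant of the assertion (required)
     * @param notOnOrAfter  NotOnOrAfter of the assertion, or null when absent
     * @param ttl           maximum age allowed when notOnOrAfter is absent
     * @param futureTtl     tolerated clock skew for timestamps in the future
     * @param now           current time, passed in so the check is testable
     */
    public static Result check(Instant issueInstant, Instant notOnOrAfter,
                               Duration ttl, Duration futureTtl, Instant now) {
        // An IssueInstant beyond the allowed clock skew is rejected in every case.
        if (issueInstant.isAfter(now.plus(futureTtl))) {
            return Result.ISSUED_IN_FUTURE;
        }
        if (notOnOrAfter != null) {
            // The issuer set an explicit expiry: valid only strictly before it.
            return now.isBefore(notOnOrAfter) ? Result.OK : Result.EXPIRED_NOT_ON_OR_AFTER;
        }
        // No NotOnOrAfter: impose a TTL on the IssueInstant, as in the quoted code.
        return issueInstant.isBefore(now.minus(ttl)) ? Result.EXPIRED_TTL : Result.OK;
    }

    public static void main(String[] args) {
        // Constructed sample values.
        Instant now = Instant.parse("2018-12-19T12:00:00Z");
        Duration ttl = Duration.ofMinutes(30), skew = Duration.ofSeconds(60);
        Instant old = Instant.parse("2018-12-19T10:00:00Z"); // issued two hours before now

        // Old assertion whose explicit expiry is still ahead of now.
        System.out.println(check(old, Instant.parse("2018-12-19T13:00:00Z"), ttl, skew, now));
        // Old assertion whose explicit expiry is already behind now.
        System.out.println(check(old, Instant.parse("2018-12-19T11:00:00Z"), ttl, skew, now));
        // Old assertion that carries no NotOnOrAfter at all.
        System.out.println(check(old, null, ttl, skew, now));
        // IssueInstant five minutes ahead of the local clock.
        System.out.println(check(now.plusSeconds(300), null, ttl, skew, now));
    }
}
```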
