[prev in list] [next in list] [prev in thread] [next in thread] 

List:       xmlrpc-user
Subject:    [jira] [Created] (WSS-603) Improper date check in SamlAssertionWrapper.checkIssueInstant
From:       "John Shipman (JIRA)" <jira () apache ! org>
Date:       2017-03-22 15:13:41
Message-ID: JIRA.13058258.1490195612000.89376.1490195621737 () Atlassian ! JIRA
[Download RAW message or body]

John Shipman created WSS-603:
--------------------------------

             Summary: Improper date check in SamlAssertionWrapper.checkIssueInstant
                 Key: WSS-603
                 URL: https://issues.apache.org/jira/browse/WSS-603
             Project: WSS4J
          Issue Type: Bug
          Components: WSS4J Core
    Affects Versions: 2.1.8
            Reporter: John Shipman
            Assignee: Colm O hEigeartaigh
            Priority: Blocker


On line 574, the code is supposed to be calculating the SAML Assertions expiration.  \
The code is calculating the lower bound on the time window, but is not properly \
storing the calculated DateTime.  So rather than checking the Issue, and is \
effectively checking to see if the issue date is after the current time, which is \
never the case.

The code reads:
   currentTime.minusSeconds(ttl);
The code should read:
   currentTime = currentTime.minusSeconds(ttl);




--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@ws.apache.org
For additional commands, e-mail: dev-help@ws.apache.org


[prev in list] [next in list] [prev in thread] [next in thread]