[prev in list] [next in list] [prev in thread] [next in thread]
List: xmlrpc-user
Subject: [jira] [Created] (WSS-603) Improper date check in SamlAssertionWrapper.checkIssueInstant
From: "John Shipman (JIRA)" <jira () apache ! org>
Date: 2017-03-22 15:13:41
Message-ID: JIRA.13058258.1490195612000.89376.1490195621737 () Atlassian ! JIRA
[Download RAW message or body]
John Shipman created WSS-603:
--------------------------------
Summary: Improper date check in SamlAssertionWrapper.checkIssueInstant
Key: WSS-603
URL: https://issues.apache.org/jira/browse/WSS-603
Project: WSS4J
Issue Type: Bug
Components: WSS4J Core
Affects Versions: 2.1.8
Reporter: John Shipman
Assignee: Colm O hEigeartaigh
Priority: Blocker
On line 574, the code is supposed to be calculating the SAML Assertions expiration. \
The code is calculating the lower bound on the time window, but is not properly \
storing the calculated DateTime. So rather than checking the Issue, and is \
effectively checking to see if the issue date is after the current time, which is \
never the case.
The code reads:
currentTime.minusSeconds(ttl);
The code should read:
currentTime = currentTime.minusSeconds(ttl);
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@ws.apache.org
For additional commands, e-mail: dev-help@ws.apache.org
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic