John Shipman created WSS-603:
--------------------------------
Summary: Improper date check in
SamlAssertionWrapper.checkIssueInstant
Key: WSS-603
URL: https://issues.apache.org/jira/browse/WSS-603
Project: WSS4J
Issue Type: Bug
Components: WSS4J Core
Affects Versions: 2.1.8
Reporter: John Shipman
Assignee: Colm O hEigeartaigh
Priority: Blocker
On line 574, the code is supposed to be calculating the SAML Assertions
expiration. The code is calculating the lower bound on the time window, but is
not properly storing the calculated DateTime. So rather than checking the
Issue, and is effectively checking to see if the issue date is after the
current time, which is never the case.
The code reads:
currentTime.minusSeconds(ttl);
The code should read:
currentTime = currentTime.minusSeconds(ttl);
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
