RSTR Lifetime element sets current time in Created element
----------------------------------------------------------
Key: CXF-3932
URL: https://issues.apache.org/jira/browse/CXF-3932
Project: CXF
Issue Type: Improvement
Components: Services
Affects Versions: 2.5
Reporter: Oliver Wulff
The Created element of the RSTR lifetime element is set to the current time.
Therefore, it doesn't match with the condition element in the SAML token.
CXF-3931 added support for lifetime element in RST in DefaultConditionsProvider.
It's the decision of the STS from when till when a token is valid. This logic
is in the DefaultConditionsProvider in case of SAML. The information put into
the Condition element can't be set on the lifetime element of the RSTR because:
- TokenProviderResponse only provides the method (no from, till semantic)
public long getLifetime()
- If lifetime is below 5 minutes, the RSTR lifetime element is set to 5 minutes:
protected static LifetimeType createLifetime(long lifetime) {
...
Date creationTime = new Date();
Date expirationTime = new Date();
if (lifetime <= 0) {
lifetime = 300L;
}
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
