[jira] [Updated] (FEDIZ-30) Relying Party can enforce re-authentication using wfresh parameter

[Oliver Wulff (JIRA)]

     [ 
https://issues.apache.org/jira/browse/FEDIZ-30?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Oliver Wulff updated FEDIZ-30:
------------------------------

    Description: 
An application can enforce a re-authentication by setting the wfresh parameter 
to 0 in the redirect to the IDP.

snippet from the spec 
(http://docs.oasis-open.org/wsfed/federation/v1.2/os/ws-federation-1.2-spec-os.html)

wfresh
This OPTIONAL parameter indicates the freshness requirements.  If specified, 
this indicates the desired maximum age of authentication specified in minutes.  
An IP/STS SHOULD NOT issue a token with a longer lifetime.  If specified as “0” 
it indicates a request for the IP/STS to re-prompt the user for authentication 
before issuing the token.    Note that this serves roughly the same purpose as 
the Freshness element in the WS-Trust SOAP RST messages.

email thread:
http://cxf.547215.n5.nabble.com/Logout-from-Fediz-from-single-web-application-td5713780.html

  was:
An application can enforce a re-authentication by setting the wfresh parameter 
to 0 in the redirect to the IDP.

email thread:
http://cxf.547215.n5.nabble.com/Logout-from-Fediz-from-single-web-application-td5713780.html

    
> Relying Party can enforce re-authentication using wfresh parameter
> ------------------------------------------------------------------
>
>                 Key: FEDIZ-30
>                 URL: https://issues.apache.org/jira/browse/FEDIZ-30
>             Project: CXF-Fediz
>          Issue Type: New Feature
>          Components: IDP, Plugin
>    Affects Versions: 1.0.1
>            Reporter: Oliver Wulff
>            Assignee: Oliver Wulff
>
> An application can enforce a re-authentication by setting the wfresh 
> parameter to 0 in the redirect to the IDP.
> snippet from the spec 
> (http://docs.oasis-open.org/wsfed/federation/v1.2/os/ws-federation-1.2-spec-os.html)
> wfresh
> This OPTIONAL parameter indicates the freshness requirements.  If specified, 
> this indicates the desired maximum age of authentication specified in 
> minutes.  An IP/STS SHOULD NOT issue a token with a longer lifetime.  If 
> specified as “0” it indicates a request for the IP/STS to re-prompt the user 
> for authentication before issuing the token.    Note that this serves roughly 
> the same purpose as the Freshness element in the WS-Trust SOAP RST messages.
> email thread:
> http://cxf.547215.n5.nabble.com/Logout-from-Fediz-from-single-web-application-td5713780.html

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira