[
https://issues.apache.org/jira/browse/FEDIZ-48?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13562595#comment-13562595
]
Colm O hEigeartaigh commented on FEDIZ-48:
------------------------------------------
Hi Oli,
I'm a bit confused by the definition in the spec:
> An IP/STS SHOULD NOT issue a token with a longer lifetime. If specified as
> “0” it indicates a request for > the IP/STS to re-prompt the user for
> authentication before issuing the token.
So if the RP passes "wfresh=0", what should the subsequent Expiry date of the
STS issued token be? According to the above it should not be longer than the
given value of wfresh.
Colm.
> Support wfresh properly in the IdP
> ----------------------------------
>
> Key: FEDIZ-48
> URL: https://issues.apache.org/jira/browse/FEDIZ-48
> Project: CXF-Fediz
> Issue Type: Improvement
> Affects Versions: 1.0.2
> Reporter: Colm O hEigeartaigh
> Assignee: Colm O hEigeartaigh
> Fix For: 1.1.0, 1.0.3
>
>
> This task is to properly support wfresh in the IdP. Currently, we only
> support "wfresh" in the context of forcing a re-authentication if it's equal
> to "0". We should also use it to specify the Lifetime when requesting a token
> from the STS.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
