CXF
  1. CXF
  2. CXF-3932

RSTR Lifetime element sets current time in Created element

    Details

    • Type: Improvement Improvement
    • Status: Closed
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: 2.5
    • Fix Version/s: 2.6.10, 2.7.7
    • Component/s: Services
    • Labels:
      None
    • Estimated Complexity:
      Unknown

      Description

      The Created element of the RSTR lifetime element is set to the current time. Therefore, it doesn't match with the condition element in the SAML token.

      CXF-3931 added support for lifetime element in RST in DefaultConditionsProvider.

      It's the decision of the STS from when till when a token is valid. This logic is in the DefaultConditionsProvider in case of SAML. The information put into the Condition element can't be set on the lifetime element of the RSTR because:

      • TokenProviderResponse only provides the method (no from, till semantic)
        public long getLifetime()
      • If lifetime is below 5 minutes, the RSTR lifetime element is set to 5 minutes:

      protected static LifetimeType createLifetime(long lifetime) {
      ...
      Date creationTime = new Date();
      Date expirationTime = new Date();
      if (lifetime <= 0)

      { lifetime = 300L; }

        Issue Links

          Activity

          There are no comments yet on this issue.

            People

            • Assignee:
              Colm O hEigeartaigh
              Reporter:
              Oliver Wulff
            • Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Development