Uploaded image for project: 'WSS4J'
  1. WSS4J
  2. WSS-522

Enforce security constraints on SAML AuthnStatement attributes

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 1.6.18, 2.0.3
    • Component/s: None
    • Labels:
      None

      Description


      This task is to enforce security constraints on SAML AuthnStatement attributes. Namely, make sure that an AuthnInstant isn't in the future, that the SessionNotOnOrAfter is not stale, and that the SubjectLocality IP address is valid.

        Attachments

          Activity

            People

            • Assignee:
              coheigea Colm O hEigeartaigh
              Reporter:
              coheigea Colm O hEigeartaigh
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: