Uploaded image for project: 'WSS4J'
  1. WSS4J
  2. WSS-522

Enforce security constraints on SAML AuthnStatement attributes

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 1.6.18, 2.0.3
    • Component/s: None
    • Labels:
      None

      Description


      This task is to enforce security constraints on SAML AuthnStatement attributes. Namely, make sure that an AuthnInstant isn't in the future, that the SessionNotOnOrAfter is not stale, and that the SubjectLocality IP address is valid.

        Activity

        There are no comments yet on this issue.

          People

          • Assignee:
            coheigea Colm O hEigeartaigh
            Reporter:
            coheigea Colm O hEigeartaigh
          • Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development