Uploaded image for project: 'PicketLink'
  1. PicketLink
  2. PLINK-499

SAML20/SAML11 AssertionTokenProviders->validate method is not checking assertion expiry properly

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Major Major
    • PLINK_2.6.0.Final
    • PLINK_2.6.0.CR5
    • SAML
    • None

      try

      { if (!AssertionUtil.hasExpired(issuedAssertion)) throw logger.samlAssertionExpiredError(); }

      catch (ConfigurationException e)

      { throw logger.processingError(e); }

      When the hasExpired method returns true, an exception should be thrown. Right now, it is throwing on opposite.

              anil.saldhana Anil Saldanha (Inactive)
              anil.saldhana Anil Saldanha (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated:
                Resolved: