Uploaded image for project: 'PicketLink'
  1. PicketLink
  2. PLINK-499

SAML20/SAML11 AssertionTokenProviders->validate method is not checking assertion expiry properly

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Major Major
    • PLINK_2.6.0.Final
    • PLINK_2.6.0.CR5
    • SAML
    • None

      try

      { if (!AssertionUtil.hasExpired(issuedAssertion)) throw logger.samlAssertionExpiredError(); }

      catch (ConfigurationException e)

      { throw logger.processingError(e); }

      When the hasExpired method returns true, an exception should be thrown. Right now, it is throwing on opposite.

            anil.saldhana Anil Saldanha (Inactive)
            anil.saldhana Anil Saldanha (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated:
              Resolved: