aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorThomas Lenz <tlenz@iaik.tugraz.at>2016-04-08 06:22:13 +0200
committerThomas Lenz <tlenz@iaik.tugraz.at>2016-04-08 06:22:13 +0200
commit1e66fa62ef2114aa412e4c207c8180c18aa07a0b (patch)
treee927e6f8ceff462bc6036e2a578500314ec6f9b4
parent5ad752b76eed7c345638ecd67f180919a4f9d3d7 (diff)
downloadmoa-id-spss-1e66fa62ef2114aa412e4c207c8180c18aa07a0b.tar.gz
moa-id-spss-1e66fa62ef2114aa412e4c207c8180c18aa07a0b.tar.bz2
moa-id-spss-1e66fa62ef2114aa412e4c207c8180c18aa07a0b.zip
fix bug in PVP2 assertion builder.
- https://docs.oasis-open.org/security/saml/v2.0/saml-profiles-2.0-os.pdf does not allow 'NotBefore' attribute in <SubjectConfirmationData> when 'Method' contains 'urn:oasis:names:tc:SAML:2.0:cm:bearer' (see 554 - 560 chapter 4.1.4.2)
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java2
1 files changed, 1 insertions, 1 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java
index 68301d000..483bcb1ec 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java
@@ -436,7 +436,7 @@ public class PVP2AssertionBuilder implements PVPConstants {
.createSAMLObject(SubjectConfirmationData.class);
subjectConfirmationData.setInResponseTo(authnRequest.getID());
subjectConfirmationData.setNotOnOrAfter(new DateTime(authData.getSsoSessionValidTo().getTime()));
- subjectConfirmationData.setNotBefore(date);
+// subjectConfirmationData.setNotBefore(date);
subjectConfirmationData.setRecipient(assertionConsumerService.getLocation());