diff options
author | Thomas Lenz <tlenz@iaik.tugraz.at> | 2016-04-08 06:22:13 +0200 |
---|---|---|
committer | Thomas Lenz <tlenz@iaik.tugraz.at> | 2016-04-08 06:22:13 +0200 |
commit | 1e66fa62ef2114aa412e4c207c8180c18aa07a0b (patch) | |
tree | e927e6f8ceff462bc6036e2a578500314ec6f9b4 | |
parent | 5ad752b76eed7c345638ecd67f180919a4f9d3d7 (diff) | |
download | moa-id-spss-1e66fa62ef2114aa412e4c207c8180c18aa07a0b.tar.gz moa-id-spss-1e66fa62ef2114aa412e4c207c8180c18aa07a0b.tar.bz2 moa-id-spss-1e66fa62ef2114aa412e4c207c8180c18aa07a0b.zip |
fix bug in PVP2 assertion builder.
- https://docs.oasis-open.org/security/saml/v2.0/saml-profiles-2.0-os.pdf does not allow 'NotBefore' attribute in <SubjectConfirmationData> when 'Method' contains 'urn:oasis:names:tc:SAML:2.0:cm:bearer' (see 554 - 560 chapter 4.1.4.2)
-rw-r--r-- | id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java index 68301d000..483bcb1ec 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java @@ -436,7 +436,7 @@ public class PVP2AssertionBuilder implements PVPConstants { .createSAMLObject(SubjectConfirmationData.class); subjectConfirmationData.setInResponseTo(authnRequest.getID()); subjectConfirmationData.setNotOnOrAfter(new DateTime(authData.getSsoSessionValidTo().getTime())); - subjectConfirmationData.setNotBefore(date); +// subjectConfirmationData.setNotBefore(date); subjectConfirmationData.setRecipient(assertionConsumerService.getLocation()); |