cxf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Colm O hEigeartaigh (JIRA)" <>
Subject [jira] [Commented] (FEDIZ-48) Support wfresh properly in the IdP
Date Fri, 25 Jan 2013 10:53:14 GMT


Colm O hEigeartaigh commented on FEDIZ-48:

Hi Oli,

I'm a bit confused by the definition in the spec:

> An IP/STS SHOULD NOT issue a token with a longer lifetime.  If specified as “0” it
indicates a request for > the IP/STS to re-prompt the user for authentication before issuing
the token.

So if the RP passes "wfresh=0", what should the subsequent Expiry date of the STS issued token
be? According to the above it should not be longer than the given value of wfresh.

> Support wfresh properly in the IdP
> ----------------------------------
>                 Key: FEDIZ-48
>                 URL:
>             Project: CXF-Fediz
>          Issue Type: Improvement
>    Affects Versions: 1.0.2
>            Reporter: Colm O hEigeartaigh
>            Assignee: Colm O hEigeartaigh
>             Fix For: 1.1.0, 1.0.3
> This task is to properly support wfresh in the IdP. Currently, we only support "wfresh"
in the context of forcing a re-authentication if it's equal to "0". We should also use it
to specify the Lifetime when requesting a token from the STS.

This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see:

View raw message