cxf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Colm O hEigeartaigh (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (FEDIZ-48) Support wfresh properly in the IdP
Date Fri, 25 Jan 2013 10:53:14 GMT

    [ https://issues.apache.org/jira/browse/FEDIZ-48?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13562595#comment-13562595
] 

Colm O hEigeartaigh commented on FEDIZ-48:
------------------------------------------

Hi Oli,

I'm a bit confused by the definition in the spec:

> An IP/STS SHOULD NOT issue a token with a longer lifetime.  If specified as “0” it
indicates a request for > the IP/STS to re-prompt the user for authentication before issuing
the token.

So if the RP passes "wfresh=0", what should the subsequent Expiry date of the STS issued token
be? According to the above it should not be longer than the given value of wfresh.

Colm.
                
> Support wfresh properly in the IdP
> ----------------------------------
>
>                 Key: FEDIZ-48
>                 URL: https://issues.apache.org/jira/browse/FEDIZ-48
>             Project: CXF-Fediz
>          Issue Type: Improvement
>    Affects Versions: 1.0.2
>            Reporter: Colm O hEigeartaigh
>            Assignee: Colm O hEigeartaigh
>             Fix For: 1.1.0, 1.0.3
>
>
> This task is to properly support wfresh in the IdP. Currently, we only support "wfresh"
in the context of forcing a re-authentication if it's equal to "0". We should also use it
to specify the Lifetime when requesting a token from the STS.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Mime
View raw message