/** * Check whether the assertion has expired * @param assertion * @return * @throws ConfigurationException */ public static boolean hasExpired(SAML11AssertionType assertion) throws ConfigurationException { boolean expiry = false; //Check for validity of assertion SAML11ConditionsType conditionsType = assertion.getConditions(); if (conditionsType != null) { XMLGregorianCalendar now = XMLTimeUtil.getIssueInstant(); XMLGregorianCalendar notBefore = conditionsType.getNotBefore(); XMLGregorianCalendar notOnOrAfter = conditionsType.getNotOnOrAfter(); if (trace) log.trace("Now=" + now.toXMLFormat() + " ::notBefore=" + notBefore.toXMLFormat() + "::notOnOrAfter=" + notOnOrAfter); expiry = !XMLTimeUtil.isValid(now, notBefore, notOnOrAfter); if (expiry) { log.info("Assertion has expired with id=" + assertion.getID()); } } //TODO: if conditions do not exist, assume the assertion to be everlasting? return expiry; }
/** * Check whether the assertion has expired * @param assertion * @return * @throws ConfigurationException */ public static boolean hasExpired(SAML11AssertionType assertion) throws ConfigurationException { boolean expiry = false; //Check for validity of assertion SAML11ConditionsType conditionsType = assertion.getConditions(); if (conditionsType != null) { XMLGregorianCalendar now = XMLTimeUtil.getIssueInstant(); XMLGregorianCalendar notBefore = conditionsType.getNotBefore(); XMLGregorianCalendar notOnOrAfter = conditionsType.getNotOnOrAfter(); if (trace) log.trace("Now=" + now.toXMLFormat() + " ::notBefore=" + notBefore.toXMLFormat() + "::notOnOrAfter=" + notOnOrAfter); expiry = !XMLTimeUtil.isValid(now, notBefore, notOnOrAfter); if (expiry) { log.info("Assertion has expired with id=" + assertion.getID()); } } //TODO: if conditions do not exist, assume the assertion to be everlasting? return expiry; }
SAML11ConditionsType conditionsType = assertion.getConditions(); if (conditionsType != null)
SAML11ConditionsType conditionsType = assertion.getConditions(); if (conditionsType != null)
/** * Check whether the assertion has expired * * @param assertion * @return * @throws ConfigurationException */ public static boolean hasExpired(SAML11AssertionType assertion) throws ConfigurationException { boolean expiry = false; // Check for validity of assertion SAML11ConditionsType conditionsType = assertion.getConditions(); if (conditionsType != null) { XMLGregorianCalendar now = XMLTimeUtil.getIssueInstant(); XMLGregorianCalendar notBefore = conditionsType.getNotBefore(); XMLGregorianCalendar notOnOrAfter = conditionsType.getNotOnOrAfter(); logger.trace("Now=" + now.toXMLFormat() + " ::notBefore=" + notBefore.toXMLFormat() + " ::notOnOrAfter=" + notOnOrAfter); expiry = !XMLTimeUtil.isValid(now, notBefore, notOnOrAfter); if (expiry) { logger.samlAssertionExpired(assertion.getID()); } } // TODO: if conditions do not exist, assume the assertion to be everlasting? return expiry; }
/** * Check whether the assertion has expired * * @param assertion * * @return * * @throws ConfigurationException */ public static boolean hasExpired(SAML11AssertionType assertion) throws ConfigurationException { boolean expiry = false; // Check for validity of assertion SAML11ConditionsType conditionsType = assertion.getConditions(); if (conditionsType != null) { XMLGregorianCalendar now = XMLTimeUtil.getIssueInstant(); XMLGregorianCalendar notBefore = conditionsType.getNotBefore(); XMLGregorianCalendar notOnOrAfter = conditionsType.getNotOnOrAfter(); logger.trace("Now=" + now.toXMLFormat() + " ::notBefore=" + notBefore.toXMLFormat() + " ::notOnOrAfter=" + notOnOrAfter); expiry = !XMLTimeUtil.isValid(now, notBefore, notOnOrAfter); if (expiry) { logger.samlAssertionExpired(assertion.getID()); } } // TODO: if conditions do not exist, assume the assertion to be everlasting? return expiry; }
/** * Check whether the assertion has expired * * @param assertion * * @return * * @throws ConfigurationException */ public static boolean hasExpired(SAML11AssertionType assertion) throws ConfigurationException { boolean expiry = false; // Check for validity of assertion SAML11ConditionsType conditionsType = assertion.getConditions(); if (conditionsType != null) { XMLGregorianCalendar now = XMLTimeUtil.getIssueInstant(); XMLGregorianCalendar notBefore = conditionsType.getNotBefore(); XMLGregorianCalendar notOnOrAfter = conditionsType.getNotOnOrAfter(); logger.trace("Now=" + now.toXMLFormat() + " ::notBefore=" + notBefore.toXMLFormat() + " ::notOnOrAfter=" + notOnOrAfter); expiry = !XMLTimeUtil.isValid(now, notBefore, notOnOrAfter); if (expiry) { logger.samlAssertionExpired(assertion.getID()); } } // TODO: if conditions do not exist, assume the assertion to be everlasting? return expiry; }
SAML11ConditionsType conditions = oldAssertion.getConditions(); Lifetime lifetime = adjustLifetimeForClockSkew( wstContext.getRequestSecurityToken().getLifetime() ); conditions.setNotBefore(lifetime.getCreated());
SAML11ConditionsType conditions = oldAssertion.getConditions(); Lifetime lifetime = adjustLifetimeForClockSkew( wstContext.getRequestSecurityToken().getLifetime() ); conditions.setNotBefore(lifetime.getCreated());
SAML11ConditionsType conditions = oldAssertion.getConditions(); conditions.setNotBefore(wstContext.getRequestSecurityToken().getLifetime().getCreated()); conditions.setNotOnOrAfter(wstContext.getRequestSecurityToken().getLifetime().getExpires());
SAML11ConditionsType conditions = oldAssertion.getConditions(); conditions.setNotBefore(wstContext.getRequestSecurityToken().getLifetime().getCreated()); conditions.setNotOnOrAfter(wstContext.getRequestSecurityToken().getLifetime().getExpires());
SAML11ConditionsType conditionsType = assertion.getConditions(); if (conditionsType != null) { XMLGregorianCalendar now = XMLTimeUtil.getIssueInstant();
/** * Verify whether the assertion has expired. You can add in a clock skew to adapt to conditions where in the IDP and SP are * out of sync. * * @param assertion * @param clockSkewInMilis in miliseconds * @return * @throws ConfigurationException */ public static boolean hasExpired(SAML11AssertionType assertion, long clockSkewInMilis) throws ConfigurationException { boolean expiry = false; // Check for validity of assertion SAML11ConditionsType conditionsType = assertion.getConditions(); if (conditionsType != null) { XMLGregorianCalendar now = XMLTimeUtil.getIssueInstant(); XMLGregorianCalendar notBefore = conditionsType.getNotBefore(); XMLGregorianCalendar updatedNotBefore = XMLTimeUtil.subtract(notBefore, clockSkewInMilis); XMLGregorianCalendar notOnOrAfter = conditionsType.getNotOnOrAfter(); XMLGregorianCalendar updatedOnOrAfter = XMLTimeUtil.add(notOnOrAfter, clockSkewInMilis); logger.trace("Now=" + now.toXMLFormat() + " ::notBefore=" + notBefore.toXMLFormat() + " ::notOnOrAfter=" + notOnOrAfter); expiry = !XMLTimeUtil.isValid(now, updatedNotBefore, updatedOnOrAfter); if (expiry) { logger.samlAssertionExpired(assertion.getID()); } } // TODO: if conditions do not exist, assume the assertion to be everlasting? return expiry; }
SAML11ConditionsType conditionsType = assertion.getConditions(); if (conditionsType != null) { XMLGregorianCalendar now = XMLTimeUtil.getIssueInstant();
SAML11ConditionsType conditions = oldAssertion.getConditions(); conditions.setNotBefore(wstContext.getRequestSecurityToken().getLifetime().getCreated()); conditions.setNotOnOrAfter(wstContext.getRequestSecurityToken().getLifetime().getExpires());
SAML11ConditionsType conditions = assertion.getConditions(); if (conditions != null)
SAML11ConditionsType conditions = assertion.getConditions(); if (conditions != null)
SAML11ConditionsType conditions = assertion.getConditions(); if (conditions != null) { StaxUtil.writeStartElement(writer, ASSERTION_PREFIX, JBossSAMLConstants.CONDITIONS.get(), ns);
SAML11ConditionsType conditions = assertion.getConditions(); if (conditions != null) { StaxUtil.writeStartElement(writer, ASSERTION_PREFIX, JBossSAMLConstants.CONDITIONS.get(), ns);
SAML11ConditionsType conditions = assertion.getConditions(); if (conditions != null) { StaxUtil.writeStartElement(writer, ASSERTION_PREFIX, JBossSAMLConstants.CONDITIONS.get(), ns);