Uploaded image for project: 'SX Spring Security Extension'
  1. SX Spring Security Extension
  2. SES-4

Make sessions expire according to the session notOnOrAfter in the SAML response message

    Details

    • Type: New Feature
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: saml-1.0.0.RC1
    • Component/s: saml
    • Labels:
      None

      Description

      Add functionality to end a users session and make him/her reauthenticate with the IDP when the session expires according to the session notOnOrAfter in the SAML response message.

        Activity

        Hide
        vsch Vladimir Schäfer added a comment -

        Optional value sessionNotOnOrAfter from authenication statements in the assertion is now taken into account during creation of user's session. Authentication object automatically expires on sessionNotOnOrAfter (if present) and thus forces user to reauthenticate with IDP.

        Show
        vsch Vladimir Schäfer added a comment - Optional value sessionNotOnOrAfter from authenication statements in the assertion is now taken into account during creation of user's session. Authentication object automatically expires on sessionNotOnOrAfter (if present) and thus forces user to reauthenticate with IDP.

          People

          • Assignee:
            vsch Vladimir Schäfer
            Reporter:
            mel Mandus Elfving
          • Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development