mace-opensaml-users - SAMLPOSTProfile.java Question
Subject: OpenSAML user discussion
List archive
- From: Eric Kotler <>
- To:
- Subject: SAMLPOSTProfile.java Question
- Date: Fri, 7 Nov 2003 10:12:05 -0800 (PST)
I was reviewing the SAMLPOSTProfile.java file and I noticed a
possible logic error in the getSSOAssertion(SAMLResponse r,
Collection audiences) function:
if (notBefore.getTime() - 300000 > System.currentTimeMillis())
{
bExpired = true;
continue;
}
if (notOnOrAfter.getTime() + 300000 <= System.currentTimeMillis())
{
bExpired = true;
continue;
}
In order to check if the assertion is not yet valid or has expired,
shouldn't the following occur:
if( (notBefore.getTime() - 300000 <= System.currentTimeMillis())
&&
(notOnOrAfter.getTime() + 300000 > System.currentTimeMillis()) )
{
bExpired = true;
continue;
}
Let me know if my logic is correct!
Thanks,
Eric
__________________________________
Do you Yahoo!?
Protect your identity with Yahoo! Mail AddressGuard
http://antispam.yahoo.com/whatsnewfree
---------------------------------------------------mace-opensaml-users-+
For list utilities, archives, subscribe, unsubscribe, etc. please visit the
ListProc web interface at
http://archives.internet2.edu/
---------------------------------------------------mace-opensaml-users--
- SAMLPOSTProfile.java Question, Eric Kotler, 11/07/2003
- RE: SAMLPOSTProfile.java Question, Scott Cantor, 11/07/2003
Archive powered by MHonArc 2.6.16.