Skip to content

Commit

Permalink
SAK-41298 Document maxAuthenticationAge property for SAML auth (sakai…
Browse files Browse the repository at this point in the history 
…project#6525)

* SAK-41298 Document maxAuthenticationAge property for SAML auth

* Update xlogin-context.saml.adfs-prod.xml

SAK-41298 Update the ADFS max auth age to 86400 (1 day) as ADFS sets this to the time of first login
  • Loading branch information
@smarquard @ottenhoff
smarquard authored and ottenhoff committed Feb 5, 2019
1 parent 4d7669b commit 03a98d6
Show file tree
Hide file tree
Showing 2 changed files with 10 additions and 2 deletions.
6 changes: 5 additions & 1 deletion login/login-tool/tool/src/webapp/WEB-INF/xlogin-context.saml.adfs-prod.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -216,7 +216,11 @@
</bean>

<!-- SAML 2.0 WebSSO Assertion Consumer -->
<bean id="webSSOprofileConsumer" class="org.springframework.security.saml.websso.WebSSOProfileConsumerImpl"/>
<bean id="webSSOprofileConsumer" class="org.springframework.security.saml.websso.WebSSOProfileConsumerImpl">
<!-- Duration in seconds after initial authentication with the IDP that SSO login will be allowed: see
https://docs.spring.io/spring-security-saml/docs/current/reference/html/configuration-advanced.html#time-interval -->
<property name="maxAuthenticationAge" value="86400"/>
</bean>

<!-- SAML 2.0 Holder-of-Key WebSSO Assertion Consumer -->
<bean id="hokWebSSOprofileConsumer" class="org.springframework.security.saml.websso.WebSSOProfileConsumerHoKImpl"/>
Expand Down
6 changes: 5 additions & 1 deletion login/login-tool/tool/src/webapp/WEB-INF/xlogin-context.saml.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -272,7 +272,11 @@
</bean>

<!-- SAML 2.0 WebSSO Assertion Consumer -->
<bean id="webSSOprofileConsumer" class="org.springframework.security.saml.websso.WebSSOProfileConsumerImpl"/>
<bean id="webSSOprofileConsumer" class="org.springframework.security.saml.websso.WebSSOProfileConsumerImpl">
<!-- Duration in seconds after initial authentication with the IDP that SSO login will be allowed: see
https://docs.spring.io/spring-security-saml/docs/current/reference/html/configuration-advanced.html#time-interval -->
<property name="maxAuthenticationAge" value="7200"/>
</bean>

<!-- SAML 2.0 Holder-of-Key WebSSO Assertion Consumer -->
<bean id="hokWebSSOprofileConsumer" class="org.springframework.security.saml.websso.WebSSOProfileConsumerHoKImpl"/>
Expand Down

0 comments on commit 03a98d6

Please sign in to comment.