Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Missing SAML configurable parameters ResponseSkew and MaxAuthenticationAge #131

Open
fmaeseele opened this issue Jan 31, 2023 · 1 comment

Comments

@fmaeseele
Copy link

Hi,

To be fully configurable and compliant, it would be great to be able to configure these two SAML parameters:

  • ResponseSkew: Maximum time between authentication of user and processing of an authentication statement (default is 7200s).
  • MaxAuthenticationAge: Tolerance applied for time comparisons between IDP clock and ServiceProvider system clock (default is 60s).

More documentation in Spring Security Framework:
https://docs.spring.io/spring-security-saml/docs/current/reference/html/configuration-advanced.html#time-interval

These two parameters are very usefull when there is some differences between the IDP clock and the SAML Service Provider system clock, or also when Azure IDP issue SAML token valid for a few days.

Regards.

@Revsgaard
Copy link
Member

Feel free to make a pull request and I'll look into your code.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants