Mercurial > dive4elements > river

diff gwt-client/src/main/java/org/dive4elements/river/client/server/auth/was/Authenticator.java @ 8839:2c8259176c46

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Add configurable time tolerance to SAML ticket validation. This allows e.g. to account for time skew between the ISP and the server this servlet is run on.
author Tom Gottfried <tom@intevation.de>
date Wed, 28 Jun 2017 20:09:53 +0200
parents ea9eef426962
children d6d5ca6d4af0 cfc0aab9947f
line wrap: on
line diff
--- a/gwt-client/src/main/java/org/dive4elements/river/client/server/auth/was/Authenticator.java	Tue May 30 12:51:42 2017 +0200
+++ b/gwt-client/src/main/java/org/dive4elements/river/client/server/auth/was/Authenticator.java	Wed Jun 28 20:09:53 2017 +0200
@@ -64,8 +64,10 @@
                 else {
                     String trustedKey =
                     (String)context.getInitParameter("saml-trusted-public-key");
+                    String timeEpsilon = context.getInitParameter(
+                        "saml-time-tolerance");
                     return new Response(entity, username, password, features,
-                                        context.getRealPath(trustedKey));
+                        context.getRealPath(trustedKey), timeEpsilon);
                 }
             }
             catch(GeneralSecurityException e) {
http://dive4elements.wald.intevation.org