[
https://issues.apache.org/jira/browse/CXF-5692?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13983097#comment-13983097
]
Colm O hEigeartaigh commented on CXF-5692:
------------------------------------------
Yes, that is the SAML Web Profile SSO implementation, which is only supported
for JAX-RS endpoints. For JAX-WS endpoints, you will have to verify this
condition in a custom implementation. You could copy how the Conditions code
works in WSS4J (checkConditions):
http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/saml/SamlAssertionWrapper.java?view=markup
Colm.
> CXF doesn't verify SessionNotOnOrAfter of AuthenticationStatement
> -----------------------------------------------------------------
>
> Key: CXF-5692
> URL: https://issues.apache.org/jira/browse/CXF-5692
> Project: CXF
> Issue Type: Bug
> Components: JAX-WS Runtime
> Affects Versions: 2.7.10
> Reporter: Tony Clarke
> Assignee: Colm O hEigeartaigh
>
--
This message was sent by Atlassian JIRA
(v6.2#6252)
