Add clockSkew and idGenerator configuration hooks to JSONSecurityConfiguration

Description

OpenSAML’s BasicSecurityConfiguration class has two constructor arguments for customising clock skew and identifier generation configuration. JSONSecurityConfiguration extends the class but is missing any constructors and thus gets always wired with the default values (5 minutes for clock skew and ProviderType.SECURE for id generation).

We should add the corresponding constructors for JSONSecurityConfiguration.

Environment

None

Activity

Show:

Henri MikkonenApril 5, 2024 at 1:24 PM

Leaving ClaimsValidator still getting the clockSkew-configuration via global property, not via security configuration.

Henri MikkonenMarch 22, 2024 at 11:12 AM

Included @ParameterName annotation to the constructor args.

Henri MikkonenJanuary 15, 2024 at 3:49 PM

Added the constructors in 173e4b1def2f085f81869d392e7eb6a732222d23.

We should perhaps review where the clockSkew value from security configuration should be wired instead of a class/bean-specific value. For instance the ClaimsValidators have local default values (of 1 minute).

Completed

Details

Assignee

Reporter

Components

Fix versions

Created January 15, 2024 at 3:45 PM
Updated April 5, 2024 at 1:24 PM
Resolved April 5, 2024 at 1:24 PM