Commit 3bead8f1 authored by Gradl, Tobias's avatar Gradl, Tobias
Browse files

724: Disable expired SAML authentications

Task-Url: https://minfba.de.dariah.eu/mantisbt/view.php?id=724
parent d40455a3
auth:
local:
users:
- username: 'admin'
......@@ -29,6 +30,7 @@ auth:
#requireLogoutRequestSigned: false
#requireLogoutResponseSigned: false
#requireAttributeQuerySigned: true
maxAuthAge: -1 # in seconds
signMetadata : true
#signingAlgorithm : http://www.w3.org/2001/04/xmldsig-more#rsa-sha256
discovery:
......
......@@ -34,7 +34,7 @@
<!-- Handler deciding where to redirect user after failed login -->
<bean id="failureRedirectHandler" class="org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler">
<property name="useForward" value="true"/>
<property name="defaultFailureUrl" value="/error.jsp"/>
<property name="defaultFailureUrl" value="/errors"/>
</bean>
<security:authentication-manager alias="authenticationManager">
......@@ -289,10 +289,14 @@
</bean>
<!-- SAML 2.0 WebSSO Assertion Consumer -->
<bean id="webSSOprofileConsumer" class="org.springframework.security.saml.websso.WebSSOProfileConsumerImpl"/>
<bean id="webSSOprofileConsumer" class="org.springframework.security.saml.websso.WebSSOProfileConsumerImpl">
<property name="maxAuthenticationAge" value="${auth.maxAuthAge:7200}" />
</bean>
<!-- SAML 2.0 Holder-of-Key WebSSO Assertion Consumer -->
<bean id="hokWebSSOprofileConsumer" class="org.springframework.security.saml.websso.WebSSOProfileConsumerHoKImpl"/>
<bean id="hokWebSSOprofileConsumer" class="org.springframework.security.saml.websso.WebSSOProfileConsumerHoKImpl">
<property name="maxAuthenticationAge" value="${auth.maxAuthAge:7200}" />
</bean>
<!-- SAML 2.0 Web SSO profile -->
<bean id="webSSOprofile" class="org.springframework.security.saml.websso.WebSSOProfileImpl"/>
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment