Bug 1337847 - [SET] (6.4.z) Misleading error message in the log about expired assertion in case of clock skew
Summary: [SET] (6.4.z) Misleading error message in the log about expired assertion in ...
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: JBoss Enterprise Application Platform 6
Classification: JBoss
Component: PicketLink
Version: 6.4.8
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: CR1
: EAP 6.4.15
Assignee: Ivo Studensky
QA Contact: Josef Cacek
URL:
Whiteboard:
Depends On: 1323281
Blocks: 1343635 eap6415-payload
TreeView+ depends on / blocked
 
Reported: 2016-05-20 08:47 UTC by Ivo Studensky
Modified: 2017-05-19 08:07 UTC (History)
8 users (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed: 2017-05-19 08:07:17 UTC
Type: Bug
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Issue Tracker JBEAP-4045 0 Major Verified [GSS](7.0.z) SAML2STSLoginModule does not allow for configuring the ClockSkew 2017-06-13 08:53:35 UTC
Red Hat Issue Tracker JBEAP-5359 0 Major Verified (7.1.0) SAML2STSLoginModule does not allow for configuring the ClockSkew 2017-06-13 08:53:35 UTC
Red Hat Issue Tracker PLINK-742 0 Major Open Misleading error message in the log about expired assertion in case of clock skew 2017-06-13 08:53:34 UTC

Description Ivo Studensky 2016-05-20 08:47:19 UTC 
bz1323281 has introduced a new configuration option clockSkew to the SAML2STSLoginModule for the case when the STS service and the STS client do not have synchronized clocks. Now it is possible to log in in such environment. 

However, SAML2Handler which precedes the SAML2STSLoginModule in the handler chain logs an error about expired assertion. That happens before SAML2STSLoginModule takes place and note that SAML2Handler knows nothing about SAML2STSLoginModule configuration.

So even if nothing wrong happened there is an error message in the log.
Comment 2 JBoss JIRA Server 2016-05-24 13:43:52 UTC 
Carlo de Wolf <cdewolf> updated the status of jira JBEAP-4045 to Resolved
Comment 3 JBoss JIRA Server 2016-06-02 08:48:00 UTC 
Ondrej Lukas <olukas> updated the status of jira JBEAP-4045 to Reopened
Comment 4 Ivo Hradek 2017-05-03 07:01:47 UTC 
Error message is not shown in logs anymore, hence verified with EAP-6.4.15.CP.CR{2,3};
Comment 5 Petr Penicka 2017-05-19 08:07:17 UTC 
Released on May 18 as part of EAP 6.4.15.
Note You need to log in before you can comment on or make changes to this bug.