Printed below is stack trace of auth failure issue caused due to time zone difference between IP and SP. Is there a way to configure this in spring security?
org.opensaml.common.SAMLException:响应发布时间太旧或未来日期,偏差60,时间2015-06-11T09:27:49.000Z at org.springframework.security.saml.websso.WebSSOProfileConsumerImpl.processAuthenticationResponse (webSSOProfileConsumerImpl.java:126)位于org.springframework上org.springframework.security.authenticate(SAMLAuthenticationProvider.java:82)org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:156)的org.springframework.security.saml.SAMLAuthenticationProvider.authenticate(SAMLAuthenticationProvider.java:82) . org.springframework.security.web.FilterChainProxy $ VirtualFilterChain.doFilter(org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:195)中的security.saml.SAMLProcessingFilter.attemptAuthentication(SAMLProcessingFilter.java:84) FilterChainProxy.java:342)org.springframework.security.web.FilterChai的org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:192) org.springframework.security.web.FilterChainProxy $ VirtualFilterChain.doFilter(FilterChainProxy.java:342)中的nProxy.doFilter(FilterChainProxy.java:166)
1 回答
您可以从spring-saml docs获取帮助来配置WebSSOProfileConsumerImpl bean以配置时间 .
您可以尝试更新refreshToken元数据的时间
并尝试更新maxAuthenticationAge时间 .