SAML AuthInstant is after server time
Peter Schober
peter.schober at univie.ac.at
Thu Nov 20 03:09:28 EST 2014
* Peter Schober <peter.schober at univie.ac.at> [2014-11-20 09:07]:
> I just wonder why the IDP issues such assertions, with NotBefore full
> 5 minutes later than the AuthnInstant. (Started a fresh browser
> session, no session at IDP or SP.)
The Assertion/@IssueInstant matches the Conditions/@NotBefore exactly.
So where does the AuthnInstant value come from?
-peter
More information about the users
mailing list