expiring-password intercept triggering unexpectedly

Brian Biggs biggsb at sonoma.edu
Mon Jul 22 14:55:26 EDT 2019

Just as an example, this is what I ended up with:

   <bean id="shibboleth.expiring-password.Condition"
            p:resultIfMissing="false" p:offset="-P10D" />

It does work, even if it's not pretty.


On Mon, Jul 22, 2019 at 11:20 AM Liam Hoekenga <liamr at umich.edu> wrote:

> It doesn't log anything really, so debugging it requires Java hands on, or
>> writing some scripting to try and apply the condition to known inputs and
>> test the formatting string to see what it's doing.
> About the most informative thing I've seen is this..
> 2019-07-22 12:01:37,293 - - DEBUG
> [org.springframework.webflow.engine.Transition:214] - Executing
> [Transition at 29f72fb4 on = T(java.lang.System).currentTimeMillis() -
> T(java.lang.Long).parseLong(ExpiringPasswordCookieManager.getCookieValue(ExpiringPasswordCookieName,
> '0')) > ExpiringPasswordNotifyInterval, to = DisplayExpiringPasswordView]
> I'm presuming all of this stuff is exposable in nashorn?  Rather than
> having to edit / recompile the actual java?
>> The Z may be causing issues because of its status as a time zone
>> signifier, and the parsing can be very tricky.
> The Z is in single quotes, which does seem to be the way to embed string
> literals..
> https://www.joda.org/joda-time/apidocs/org/joda/time/format/DateTimeFormat.html
> There was this thread from February about date parsing..
> https://marc.info/?l=shibboleth-users&m=154963902909739&w=2
> Lastly one always needs to sanity check the value itself being parsed, and
>> the attribute resolver can log that on DEBUG.
> Doing that.   It looks like what I expect (but maybe my expectations are
> off).
> LIam
> --
> For Consortium Member technical support, see
> https://wiki.shibboleth.net/confluence/x/coFAAg
> To unsubscribe from this list send an email to
> users-unsubscribe at shibboleth.net

Lead Identity Mgmt/Systems Integration
Information Technology
Sonoma State University
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20190722/6069024b/attachment.html>

More information about the users mailing list