View Issue Details

Jump to NotesJump to History
IDProjectCategoryView StatusDate SubmittedLast Update
000719910000-004: ServicesSpecpublic2021-08-13 15:522023-03-21 19:48
ReporterRandy Armstrong Assigned ToMatthias Damm  
PrioritynormalSeverityminorReproducibilityalways
Status closedResolutionfixed 
Fixed in Version1.05.02 RC1 
Summary0007199: 6.5.3.2 Access Tokens
Description

Need to explicitly define requirements for expired tokens.

TagsBSI
Commit Version
Fix Due Date

Relationships

related to 0008717 acknowledgedPaul Hunkar CTT UA Test Case 6.5.3.2 Access Tokens 

Activities

Randy Armstrong

2021-08-13 15:55

administrator   ~0014729

Clarify when to honor token validity expiration. Add remark to Part 4 (7.36.6 IssuedIdentityToken) regarding this behavior.

Matthias Damm

2022-12-04 10:09

developer   ~0018224

Need input from Randy to continue

Randy Armstrong

2022-12-06 07:56

administrator   ~0018232

Not sure what input is needed. AccessTokens expire. When they expire Session credentials should be revoked.

Clients that use AccessTokens need to be aware of the expiry time and call ActivateSession with a new token prior to expiry of the existing Token if they want uninterrupted access.

Matthias Damm

2023-02-20 22:29

developer   ~0018776

Added following clarification to 7.41.6 IssuedIdentityToken

IssuedIdentityTokens have an expiration time, and a Server shall reject the credentials of the Session after the expiration of the token. The Session shall stay valid with an Anonymous user token if the Server allows Anonymous users. Clients should renew the token with ActivateSession before the expiration time to avoid communication interruption.

Jim Luth

2023-02-28 17:34

administrator   ~0018812

Last edited: 2023-02-28 17:35

Agreed to 1.05 text. Needs 1.04 Errata to close.

Jim Luth

2023-03-21 19:48

administrator   ~0018944

Agreed to 1.04 Errata.

Issue History

Date Modified Username Field Change
2021-08-13 15:52 Randy Armstrong New Issue
2021-08-13 15:52 Randy Armstrong Status new => assigned
2021-08-13 15:52 Randy Armstrong Assigned To => Randy Armstrong
2021-08-13 15:52 Randy Armstrong Tag Attached: BSI
2021-08-13 15:52 Randy Armstrong Issue generated from: 0006749
2021-08-13 15:53 Randy Armstrong Project 10000-006: Mappings => 10000-004: Services
2021-08-13 15:55 Randy Armstrong Note Added: 0014729
2022-12-04 10:09 Matthias Damm Note Added: 0018224
2022-12-06 07:56 Randy Armstrong Note Added: 0018232
2023-02-20 22:29 Matthias Damm Assigned To Randy Armstrong => Matthias Damm
2023-02-20 22:29 Matthias Damm Status assigned => resolved
2023-02-20 22:29 Matthias Damm Resolution open => fixed
2023-02-20 22:29 Matthias Damm Fixed in Version => 1.05.02 RC1
2023-02-20 22:29 Matthias Damm Note Added: 0018776
2023-02-28 17:34 Jim Luth Note Added: 0018812
2023-02-28 17:35 Jim Luth Note Edited: 0018812
2023-02-28 17:35 Jim Luth Issue cloned: 0008717
2023-02-28 17:35 Jim Luth Relationship added related to 0008717
2023-03-21 19:48 Jim Luth Status resolved => closed
2023-03-21 19:48 Jim Luth Note Added: 0018944