Support ISO8601 duration format for login authentication duration - SC-63

git-svn-id: https://subversion.switch.ch/svn/shibboleth/java-idp/branches/REL_2@2913 ab3bd59b-922f-494d-bb5f-6f0a3c29deca

diff --git a/src/main/java/edu/internet2/middleware/shibboleth/idp/config/profile/authn/AbstractLoginHandlerBeanDefinitionParser.java b/src/main/java/edu/internet2/middleware/shibboleth/idp/config/profile/authn/AbstractLoginHandlerBeanDefinitionParser.java
index 3e06275..9895fef 100644 (file)
--- a/src/main/java/edu/internet2/middleware/shibboleth/idp/config/profile/authn/AbstractLoginHandlerBeanDefinitionParser.java
+++ b/src/main/java/edu/internet2/middleware/shibboleth/idp/config/profile/authn/AbstractLoginHandlerBeanDefinitionParser.java
@@ -27,6 +27,7 @@ import org.springframework.beans.factory.support.BeanDefinitionBuilder;
 import org.springframework.beans.factory.xml.AbstractSingleBeanDefinitionParser;
 import org.w3c.dom.Element;
 
+import edu.internet2.middleware.shibboleth.common.config.SpringConfigurationUtils;
 import edu.internet2.middleware.shibboleth.idp.config.profile.ProfileHandlerNamespaceHandler;
 
 /**
@@ -41,11 +42,12 @@ public abstract class AbstractLoginHandlerBeanDefinitionParser extends AbstractS
     protected void doParse(Element config, BeanDefinitionBuilder builder) {
         log.debug("Parsing configuration for {} authentication handler.", XMLHelper.getXSIType(config).getLocalPart());
 
-        int duration = 30;
+        long duration = 30 * 60 * 1000;
         if (config.hasAttributeNS(null, "authenticationDuration")) {
-            duration = Integer.parseInt(config.getAttributeNS(null, "authenticationDuration"));
+            duration = SpringConfigurationUtils.parseDurationToMillis("'authenticationDuration' on LoginHandler of type "
+                    + XMLHelper.getXSIType(config), config.getAttributeNS(null, "authenticationDuration"), 1000 * 60);
         }
-        log.debug("Authentication handler declared duration of {} minutes", duration);
+        log.debug("Authentication duration: {}ms", duration);
         builder.addPropertyValue("authenticationDuration", duration);
 
         String authnMethod;

diff --git a/src/main/java/edu/internet2/middleware/shibboleth/idp/config/profile/authn/AbstractLoginHandlerFactoryBean.java b/src/main/java/edu/internet2/middleware/shibboleth/idp/config/profile/authn/AbstractLoginHandlerFactoryBean.java
index da37c04..cb1857b 100644 (file)
--- a/src/main/java/edu/internet2/middleware/shibboleth/idp/config/profile/authn/AbstractLoginHandlerFactoryBean.java
+++ b/src/main/java/edu/internet2/middleware/shibboleth/idp/config/profile/authn/AbstractLoginHandlerFactoryBean.java
@@ -31,23 +31,23 @@ public abstract class AbstractLoginHandlerFactoryBean extends AbstractFactoryBea
     private List<String> authenticationMethods;
 
     /** Duration of the authentication, in minutes. */
-    private int authenticationDuration;
+    private long authenticationDuration;
 
     /**
-     * Gets the duration of the authentication, in minutes.
+     * Gets the duration of the authentication, in milliseconds.
      * 
-     * @return duration of the authentication, in minutes
+     * @return duration of the authentication, in milliseconds
      */
-    public int getAuthenticationDuration() {
+    public long getAuthenticationDuration() {
         return authenticationDuration;
     }
 
     /**
-     * Sets the duration of the authentication, in minutes.
+     * Sets the duration of the authentication, in milliseconds.
      * 
-     * @param duration duration of the authentication, in minutes
+     * @param duration duration of the authentication, in milliseconds
      */
-    public void setAuthenticationDuration(int duration) {
+    public void setAuthenticationDuration(long duration) {
         this.authenticationDuration = duration;
     }
 
@@ -78,6 +78,6 @@ public abstract class AbstractLoginHandlerFactoryBean extends AbstractFactoryBea
         if (authenticationMethods != null) {
             handler.getSupportedAuthenticationMethods().addAll(authenticationMethods);
         }
-        handler.setAuthenticationDuration(authenticationDuration * 60 * 1000);
+        handler.setAuthenticationDuration(authenticationDuration);
     }
 }

diff --git a/src/main/resources/schema/shibboleth-2.0-idp-profile-handler.xsd b/src/main/resources/schema/shibboleth-2.0-idp-profile-handler.xsd
index efec988..552e145 100644 (file)
--- a/src/main/resources/schema/shibboleth-2.0-idp-profile-handler.xsd
+++ b/src/main/resources/schema/shibboleth-2.0-idp-profile-handler.xsd
@@ -341,9 +341,11 @@
         <xsd:attribute name="authenticationDuration" type="xsd:positiveInteger">
             <xsd:annotation>
                 <xsd:documentation>
-                    The length of time, in minutes, that an authentication performed by this handler should be
+                    The length of time that an authentication performed by this handler should be
                     considered active. After which time a user, previously authenticated by this handler, must
                     re-authenticate in order to assert the authentication method again.
+                    
+                    This duration should be expressed in ISO8601 format.
                 </xsd:documentation>
             </xsd:annotation>
         </xsd:attribute>