Karl Harbour

Home Members Karl Harbour

Learn more about our upcoming Identity Summits

show less show more
Profile picture of Karl Harbour

@karl-harbourpearson-com

active 6 years, 9 months ago
Points balance: 31 ♪
Rank: Karl Harbour
  • Activity
  • Profile
  • Groups 0
  • Forums
  • Personal
  • Mentions
  • Favorites
  • Groups
  • Profile picture of Karl Harbour

    Karl Harbour replied to the topic JSON Web Tokens created by OpenIG do not seem to have built-in expiration? in the forum Identity Gateway 6 years, 9 months ago

    I was thinking the same re: ScriptableFilter, however I am generally of the view that implementation of security features should be left to the experts – in other words, I think OpenIG should support this out of the box. So, feature request raised: https://bugster.forgerock.org/jira/browse/OPENIG-733

  • Profile picture of Karl Harbour

    Karl Harbour started the topic JSON Web Tokens created by OpenIG do not seem to have built-in expiration? in the forum Identity Gateway 6 years, 9 months ago

    As far as I can tell, the JSON Web Tokens created by OpenIG do not have an expiration time, as per https://tools.ietf.org/html/rfc7519#page-9 section 4.1.4.

    Although the “exp” (Expiration Time) Claim is OPTIONAL, I think without it there is the possibility of a replay attack?

  • Profile picture of Karl Harbour

    Karl Harbour's profile was updated 6 years, 9 months ago

Profile Photo Charan Mann Profile Photo emoseman

Search the forums

Leaderboard

The leaderboard is based on our rockin' informal points system, read about it here.

Recent blog posts

  • Using an Authentication Tree Stage to Build a Custom UI with the ForgeRock JavaScript SDK February 26, 2020
  • Identity Workflow with AM using Zeebe and Cloud Functions February 19, 2020
  • IDM: Zero Downtime Upgrade Strategy Using a Blue/Green Deployment January 23, 2020
  • DS: Zero Downtime Upgrade Strategy Using a Blue/Green Deployment January 22, 2020
  • AM and IG: Zero Downtime Upgrade Strategy Using a Blue/Green Deployment January 22, 2020
Visit our blog

Recent Topics

  • Handle exception in Node Patch Object
  • SP Initiated SSO – Unable to do sso or federation
  • Realm level access
  • How can I generate 32 bytes Random salt in js script
  • Bypass Login Page in Chain

©2022 ForgeRock - we provide an identity and access platform to secure every online relationship for the enterprise market, educational sector and even entire countries. Click to view our privacy policy and terms of use.

  • Blog
  • Documentation
    • OpenAM / Access Management
    • OpenDJ / Directory Services
    • OpenIDM / Identity Management
    • OpenIG / Identity Gateway
    • OpenICF / Open Connector Framework
    • Intro to Identity
  • Forums
    • General Discussion
    • ForgeRock Products
      • OpenAM
      • OpenIDM
      • OpenDJ
      • OpenIG
      • OpenUMA
    • DevOps
    • Internet of Things
    • Documentation
    • Groups
  • Twitter
  • Facebook
  • Linkedin
  • Youtube

Log in with your credentials

Lost your password?

Forgot your details?

I remember my details