[keycloak-user] TImePolicy in Authorization Policy Evaluation
Kousuke TANIGUCHI
kousuke.taniguchi at gmail.com
Thu Mar 15 03:08:30 EDT 2018
Hi, All
I was experimenting with authorization and policy.
I feel that TimePolicy does not work well with *Contextual Information / Date*.
## Case 1.
TimePolicy : hour 12 - 14
Evaluate at 13:30:00
Result : PERMIT
## Case 2.
TimePolicy : hour 12 - 14
* Contextual Information *
Add Date/Time (MM/dd/yyyy hh:mm:ss) : 02/14/2018 09:30:00
Evaluate at 13:35:00
Result : PERMIT
## Case 3.
TimePolicy : hour 10 - 12
Evaluate at 13:40:00
Result : DENY
## Case 4.
TimePolicy : hour 10 - 12
* Contextual Information *
Add Date/Time (MM/dd/yyyy hh:mm:ss) : 02/14/2018 09:30:00
Evaluate at 13:40:00
Result : DENY
In TimePolicyProvider.java, actualTime = new Date ();
but it should be checked whether evaluation.getContext
().getAttribute("kc.time.date _time") is provided
Regards.
More information about the keycloak-user
mailing list