You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@cxf.apache.org by "Oliver Wulff (JIRA)" <ji...@apache.org> on 2011/08/12 12:58:28 UTC

[jira] [Created] (CXF-3735) Extend STSClient to configure Claims

Extend STSClient to configure Claims
------------------------------------

                 Key: CXF-3735
                 URL: https://issues.apache.org/jira/browse/CXF-3735
             Project: CXF
          Issue Type: New Feature
    Affects Versions: 2.4.1
            Reporter: Oliver Wulff


The STSClient only adds the Claims element to the RST if found in the WS-SecurityPolicy of the service provider. Further, the service consumer must send a SAML token which includes the claims data.

If the service consumer sends a token (UsernameToken, BST, X509) which is not able to convey claims data there is no standard way for the service provider to retrieve the claims data. If the required and optional claims can be configured in the STSClient, we can address the above use case.

The service provider validates the UsernameToken or BST against the STS. He requests a SAML token and passes the configured claims in the RST of the validate binding.



--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira