You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@cxf.apache.org by "Josh Smith (JIRA)" <ji...@apache.org> on 2018/04/25 23:34:00 UTC

[jira] [Created] (CXF-7729) Merge duplicate Attribute elements within an AttributeStatement

Josh Smith created CXF-7729:
-------------------------------

             Summary: Merge duplicate Attribute elements within an AttributeStatement
                 Key: CXF-7729
                 URL: https://issues.apache.org/jira/browse/CXF-7729
             Project: CXF
          Issue Type: Improvement
          Components: STS
    Affects Versions: 3.1.13
            Reporter: Josh Smith


When multiple claims handlers return values for a given claim type, the resulting AttributeStatement contains duplicate Attribute Elements.

For example, requesting the role claim from two claims handlers might produce the following AttributeStatement:
{code:xml}
<saml2:AttributeStatement>
  <saml2:Attribute Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/role" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified">
    <saml2:AttributeValue xsi:type="xsd:string">admin</saml2:AttributeValue>
    <saml2:AttributeValue xsi:type="xsd:string">manager</saml2:AttributeValue>
  </saml2:Attribute>
  <saml2:Attribute Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/role" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified">
    <saml2:AttributeValue xsi:type="xsd:string">viewer</saml2:AttributeValue>
  </saml2:Attribute>
</saml2:AttributeStatement>{code}
It would be nice to merge these Attribute elements to reduce the size of the assertion.
{code:xml}
<saml2:AttributeStatement>
  <saml2:Attribute Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/role" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified">
    <saml2:AttributeValue xsi:type="xsd:string">admin</saml2:AttributeValue>
    <saml2:AttributeValue xsi:type="xsd:string">manager</saml2:AttributeValue>
    <saml2:AttributeValue xsi:type="xsd:string">viewer</saml2:AttributeValue>
  </saml2:Attribute>
</saml2:AttributeStatement>
{code}



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)