cxf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Oliver Wulff (JIRA)" <j...@apache.org>
Subject [jira] [Resolved] (CXF-4464) Support ClaimsHandler per realm
Date Thu, 30 May 2013 21:34:20 GMT

     [ https://issues.apache.org/jira/browse/CXF-4464?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Oliver Wulff resolved CXF-4464.
-------------------------------

    Resolution: Fixed

CXF-5039 introduces RealmSupport interface which supports defining the realm of the principal
as well as restrict whether a claims handler is callable for certain realms.
                
> Support ClaimsHandler per realm
> -------------------------------
>
>                 Key: CXF-4464
>                 URL: https://issues.apache.org/jira/browse/CXF-4464
>             Project: CXF
>          Issue Type: New Feature
>          Components: Services
>    Affects Versions: 2.6.1
>            Reporter: Oliver Wulff
>            Assignee: Oliver Wulff
>             Fix For: 2.7.6, 3.0.0
>
>
> A ClaimsHandler is independent of the STS realm.
> Example: The LdapClaimsHandler is configured to support the claims firstname and lastname.
The principal (ws-sec header, onbehalfof, actas) is mapped to the STS realm. But you must
use another principal to access the claims data from the LDAP directory. Thus a claimshandler
must know which principal of which realm must be used to retrieve the claims.
> Therefore, the ClaimsHandler must provide the information in which realm he is applicable
thus the ClaimsManager can map the identity before calling retrieveClaimValues. 

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Mime
View raw message