cxf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Colm O hEigeartaigh (JIRA)" <j...@apache.org>
Subject [jira] [Resolved] (CXF-3883) Support for identity mapping as part of issue token process
Date Fri, 05 Jul 2013 14:55:48 GMT

     [ https://issues.apache.org/jira/browse/CXF-3883?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Colm O hEigeartaigh resolved CXF-3883.
--------------------------------------

    Resolution: Fixed
    
> Support for identity mapping as part of issue token process
> -----------------------------------------------------------
>
>                 Key: CXF-3883
>                 URL: https://issues.apache.org/jira/browse/CXF-3883
>             Project: CXF
>          Issue Type: New Feature
>          Components: STS
>    Affects Versions: 2.5
>            Reporter: Oliver Wulff
>            Assignee: Colm O hEigeartaigh
>             Fix For: 2.7.6
>
>
> The JIRA https://issues.apache.org/jira/browse/CXF-3520 describes the case where a CXF
consumer has configured a different STS than the issuer configured in the IssuedToken assertion
of the service provider:
> In this case, the service consumer and provider don't understand the identity/subject/principal
of the counterpart. First, the consumer gets a token from its STS (IDP-STS) which could be
a SAML token. Then he requests another token from the STS and sends the one issued before
as part of the WS-Security header.
> The STS must figure out that the sent and requested tokens are from different realms
(security domains) and must therefore call the configured identity mapper which takes as parameters
source realm, target realm and source principal.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Mime
View raw message