cxf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Stephen Chappell (JIRA)" <>
Subject [jira] [Commented] (CXF-5664) CXF STS does not support wst:Participants
Date Fri, 18 Apr 2014 12:55:15 GMT


Stephen Chappell commented on CXF-5664:

Colm, this just came up in the latest snapshot and it works beautifully, except for one minor
issue ... it picks up all of the non-primary participants fine, but it doesn't always pick
up the primary participant. It picks up the URI form, but not the EPR form. Looking in the
code at line 251-253, it looks like you're only handling the DOM form of the primary, whereas
in 263-264 you're just handling participants more generically as Objects. Sorry to be such
a bother with it, but I really do appreciate your hard work on this, thanx!

> CXF STS does not support wst:Participants
> -----------------------------------------
>                 Key: CXF-5664
>                 URL:
>             Project: CXF
>          Issue Type: Bug
>          Components: STS
>    Affects Versions: 2.7.8, 2.7.9, 2.7.10
>            Reporter: Stephen Chappell
>            Assignee: Colm O hEigeartaigh
>              Labels: features, security
>             Fix For: 2.7.12, 3.0.0
> The CXF STS does not recognize the wst:Participants element within a wst:RequestSecurityToken,
and instead throws a BadRequest SOAP fault. The Participants element should be parsed and
added to the list of AudienceRestrictions in the issued token.

This message was sent by Atlassian JIRA

View raw message