cxf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Colm O hEigeartaigh (JIRA)" <>
Subject [jira] [Assigned] (CXF-6763) STS requires ClaimHandler even in ClaimMapping only scenarios
Date Wed, 27 Jan 2016 10:15:39 GMT


Colm O hEigeartaigh reassigned CXF-6763:

    Assignee: Colm O hEigeartaigh

> STS requires ClaimHandler even in ClaimMapping only scenarios
> -------------------------------------------------------------
>                 Key: CXF-6763
>                 URL:
>             Project: CXF
>          Issue Type: Bug
>          Components: STS
>    Affects Versions: 3.1.4
>            Reporter: Jan Bernhardt
>            Assignee: Colm O hEigeartaigh
>            Priority: Minor
> In case that the STS is used only for token mapping, the STS does not need ClaimHandler
to lookup claims from a backend.
> Example Scenario: Fediz-IDP is used as a RP-IDP only (with no direct user login), but
only doing claim mappings.
> In this case the STS only needs a relationship with a ClaimMapper, but no ClaimHandler
are required.
> The following code within {{org.apache.cxf.sts.operation.TokenIssueOperation}} however
checks if ClaimMapper for requested Claims exists and fails if not.
> {code}
> //Check if the requested claims can be handled by the configured claim handlers
> ClaimCollection requestedClaims = providerParameters.getRequestedPrimaryClaims();
> checkClaimsSupport(requestedClaims);
> requestedClaims = providerParameters.getRequestedSecondaryClaims();
> checkClaimsSupport(requestedClaims);
> providerParameters.setClaimsManager(claimsManager);
> {code}
> From my understanding these {{checkClaimsSupport}} can be removed completely, because
the STS will still fail, if the requested Claims are not available in the end.

This message was sent by Atlassian JIRA

View raw message