[
https://issues.apache.org/jira/browse/CXF-3923?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Oliver Wulff updated CXF-3923:
------------------------------
Attachment: patch.git.diff
The patch fixes that in the DefaultSubjectProvider.
One note: My code doesn't validate the SAML token. IMHO, this must be processed
during the validation of the RST.
> Support for OnBehalfOf in SAMLTokenProvider
> -------------------------------------------
>
> Key: CXF-3923
> URL: https://issues.apache.org/jira/browse/CXF-3923
> Project: CXF
> Issue Type: New Feature
> Components: Services
> Affects Versions: 2.5
> Reporter: Oliver Wulff
> Attachments: patch.git.diff
>
>
> The SAMLTokenProvider supports to issue a SAML token based on the
> authenticated principal in the RST which means the security token sent in the
> WS-Security header.
> It is not supported that the client requests a SAML token OnBehalfOf another
> SAML token.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
