[
https://issues.apache.org/jira/browse/CXF-5664?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13968220#comment-13968220
]
Colm O hEigeartaigh commented on CXF-5664:
------------------------------------------
Ok this should now be fixed for CXF 2.7.12-SNAPSHOT if you want to give it a
try. The default behaviour is to add each participant EPR address as an
AudienceRestrictionCondition. There is a method in the
DefaultConditionsProvider that can be changed to handle other behaviour for
participants if required.
Colm.
> CXF STS does not support wst:Participants
> -----------------------------------------
>
> Key: CXF-5664
> URL: https://issues.apache.org/jira/browse/CXF-5664
> Project: CXF
> Issue Type: Bug
> Components: STS
> Affects Versions: 2.7.8, 2.7.9, 2.7.10
> Reporter: Stephen Chappell
> Assignee: Colm O hEigeartaigh
> Labels: features, security
> Fix For: 2.7.12, 3.0.0
>
>
> The CXF STS does not recognize the wst:Participants element within a
> wst:RequestSecurityToken, and instead throws a BadRequest SOAP fault. The
> Participants element should be parsed and added to the list of
> AudienceRestrictions in the issued token.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
