[
https://issues.apache.org/jira/browse/CXF-5664?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13971450#comment-13971450
]
Stephen Chappell commented on CXF-5664:
---------------------------------------
Colm, I've gotten this from the latest snapshot but it still does not seem to
work. The problem seems to be in the
DefaultConditionsProvider.createAudienceRestrictions() - specifically on line
248 and 260 ... if (X instanceof Element) is returning false when I send over
participants containing EndpointReferences; none of the participants are
identifying as DOM elements. I'm guessing that they are coming over as
JAXBElements instead?
I also have to support Participants that contain wsp:URI instead of
wsa:EndpointReferences. I noticed that when I sent those over, the participant
IS identifying as an Element. But since there is no wsa:Address, they aren't
parsed and I still don't end up with any audience restrictions.
Thanx,
Steve
> CXF STS does not support wst:Participants
> -----------------------------------------
>
> Key: CXF-5664
> URL: https://issues.apache.org/jira/browse/CXF-5664
> Project: CXF
> Issue Type: Bug
> Components: STS
> Affects Versions: 2.7.8, 2.7.9, 2.7.10
> Reporter: Stephen Chappell
> Assignee: Colm O hEigeartaigh
> Labels: features, security
> Fix For: 2.7.12, 3.0.0
>
>
> The CXF STS does not recognize the wst:Participants element within a
> wst:RequestSecurityToken, and instead throws a BadRequest SOAP fault. The
> Participants element should be parsed and added to the list of
> AudienceRestrictions in the issued token.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
