[
https://issues.apache.org/jira/browse/FEDIZ-218?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Arnaud MERGEY updated FEDIZ-218:
--------------------------------
Description:
FEDIZ-168 descrived Fediz only supported SAML with an audience restriction.
It said
_Fediz Plugin should accept SAML token without audience restrictions as valid
(if all other security requirements are met) and the Fediz IDP should be
configurable to request SAML token from the STS without audience restrictions._
It seems it was fixed on IDP side, but not on plugin side as SAML token without
audience restriction is not accepted.
was:
FEDIZ-168 descrived Fediz only supported SAML with an audience restriction.
It said
_Fediz Plugin should accept SAML token without audience restrictions as valid
(if all other security requirements are met) and the Fediz IDP should be
configurable to request SAML token from the STS without audience restrictions._
It seems it was fixed on IDP side, but not on plugin side as SAML token without
audience restriction is not accepted.
It seems quite trivial to fix, I attach a patch proposal (I already have a pull
request opened for another issue)
> Support SAML Token without Audience Restriction in plugin
> ---------------------------------------------------------
>
> Key: FEDIZ-218
> URL: https://issues.apache.org/jira/browse/FEDIZ-218
> Project: CXF-Fediz
> Issue Type: Bug
> Components: Plugin
> Affects Versions: 1.4.3
> Reporter: Arnaud MERGEY
> Priority: Major
> Attachments: cxf-fediz.patch
>
>
> FEDIZ-168 descrived Fediz only supported SAML with an audience restriction.
> It said
> _Fediz Plugin should accept SAML token without audience restrictions as valid
> (if all other security requirements are met) and the Fediz IDP should be
> configurable to request SAML token from the STS without audience
> restrictions._
> It seems it was fixed on IDP side, but not on plugin side as SAML token
> without audience restriction is not accepted.
>
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
