[
https://issues.apache.org/jira/browse/FEDIZ-218?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16478754#comment-16478754
]
ASF GitHub Bot commented on FEDIZ-218:
--------------------------------------
amergey opened a new pull request #28: [FEDIZ-218] Support SAML Token without
Audience Restriction
URL: https://github.com/apache/cxf-fediz/pull/28
SAML token without audience restriction are still valid and should not make
the authentication fails
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
> Support SAML Token without Audience Restriction in plugin
> ---------------------------------------------------------
>
> Key: FEDIZ-218
> URL: https://issues.apache.org/jira/browse/FEDIZ-218
> Project: CXF-Fediz
> Issue Type: Bug
> Components: Plugin
> Affects Versions: 1.4.3
> Reporter: Arnaud MERGEY
> Priority: Major
> Attachments: cxf-fediz.patch
>
>
> FEDIZ-168 descrived Fediz only supported SAML with an audience restriction.
> It said
> _Fediz Plugin should accept SAML token without audience restrictions as valid
> (if all other security requirements are met) and the Fediz IDP should be
> configurable to request SAML token from the STS without audience
> restrictions._
> It seems it was fixed on IDP side, but not on plugin side as SAML token
> without audience restriction is not accepted.
> It seems quite trivial to fix, I attach a patch proposal (I already have a
> pull request opened for another issue)
>
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
