Support configuration of STS client using information contained in Issuer or
IssuerName elements of the IssuedToken assertion
-----------------------------------------------------------------------------------------------------------------------------
Key: CXF-2659
URL: https://issues.apache.org/jira/browse/CXF-2659
Project: CXF
Issue Type: Improvement
Components: WS-* Components
Affects Versions: 2.3
Reporter: David Valeri
When using an IssuedToken assertion, location information about the STS in the
assertion is ignored and instead must be entirely manually configured.
It is convenient for consumers to be able to request tokens with minimal
additional configuration. If providers embed sufficient information in the
WS-A EPR (Issuer element) of the IssuedToken assertion, sufficient information
exists in the policy document to configure the STS client. The option to
supplement or override this information using the Configurable mechanism
currently supported provides consumers with the greatest flexibility.
Alternatively, if the policy specifies an IssuerName, this name could be used
to perform the lookup of the bean under the Configurable framework.
If these two elements are omitted, then falling back to the existing
configuration mechanism would be supported.
The ultimate order for applying configurations and the application of some or
all configuration patterns remains to be considered.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
