Support for identity mapping as part of issue token process
-----------------------------------------------------------
Key: CXF-3883
URL: https://issues.apache.org/jira/browse/CXF-3883
Project: CXF
Issue Type: New Feature
Components: Services
Affects Versions: 2.5
Reporter: Oliver Wulff
The JIRA https://issues.apache.org/jira/browse/CXF-3520 describes the case
where a CXF consumer has configured a different STS than the issuer configured
in the IssuedToken assertion of the service provider:
In this case, the service consumer and provider don't understand the
identity/subject/principal of the counterpart. First, the consumer gets a token
from its STS (IDP-STS) which could be a SAML token. Then he requests another
token from the STS and sends the one issued before as part of the WS-Security
header.
The STS must figure out that the sent and requested tokens are from different
realms (security domains) and must therefore call the configured identity
mapper which takes as parameters source realm, target realm and source
principal.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
