[
https://issues.apache.org/jira/browse/CXF-4464?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Oliver Wulff resolved CXF-4464.
-------------------------------
Resolution: Fixed
CXF-5039 introduces RealmSupport interface which supports defining the realm of
the principal as well as restrict whether a claims handler is callable for
certain realms.
> Support ClaimsHandler per realm
> -------------------------------
>
> Key: CXF-4464
> URL: https://issues.apache.org/jira/browse/CXF-4464
> Project: CXF
> Issue Type: New Feature
> Components: Services
> Affects Versions: 2.6.1
> Reporter: Oliver Wulff
> Assignee: Oliver Wulff
> Fix For: 2.7.6, 3.0.0
>
>
> A ClaimsHandler is independent of the STS realm.
> Example: The LdapClaimsHandler is configured to support the claims firstname
> and lastname. The principal (ws-sec header, onbehalfof, actas) is mapped to
> the STS realm. But you must use another principal to access the claims data
> from the LDAP directory. Thus a claimshandler must know which principal of
> which realm must be used to retrieve the claims.
> Therefore, the ClaimsHandler must provide the information in which realm he
> is applicable thus the ClaimsManager can map the identity before calling
> retrieveClaimValues.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
