[
https://issues.apache.org/jira/browse/CXF-5277?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13766464#comment-13766464
]
Colm O hEigeartaigh commented on CXF-5277:
------------------------------------------
I don't want to change the ConditionsProvider interface. What I've done is
convert the TokenRenewerParameters in SAMLTokenRenewer into
TokenProviderParameters + called the ConditionsProvider method with this object
instead. The ReceivedToken object, which is the token being renewed, is stored
in the TokenProviderParameters.additionalProperties Map under the key
ReceivedToken.class.getName(). You also have access to the TokenRequirements +
KeyRequirements etc. objects now stored in TokenProviderParameters.
Colm.
> ConditionsProvider receives limited information from SAMLTokenRenewer
> ---------------------------------------------------------------------
>
> Key: CXF-5277
> URL: https://issues.apache.org/jira/browse/CXF-5277
> Project: CXF
> Issue Type: Improvement
> Components: STS
> Affects Versions: 2.7.6
> Reporter: Ethan Wallwork
> Assignee: Colm O hEigeartaigh
>
> The ConditionsProvider receives only the appliesToAddress and lifetime when
> called from SAMLTokenRenewer. This is in contrast to issue operations where
> the full TokenProviderParameters is passed. This makes it difficult to
> calculate conditions based on other attributes of the request. For example,
> a ConditionsProvider implementation may wish to restrict renewals to a
> limited time period based on the AuthnInstant attribute of an AuthnStatement
> in the assertion being renewed.
> If the full TokenRenewerParamters were passed instead then the necessary
> information would be available to perform more complex calculations.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
