Jan Bernhardt created FEDIZ-99:
----------------------------------
Summary: Wrong Address in PassiveRequestorEndpoint for
ApplicationServiceType
Key: FEDIZ-99
URL: https://issues.apache.org/jira/browse/FEDIZ-99
Project: CXF-Fediz
Issue Type: Improvement
Components: Plugin
Affects Versions: 1.1.2
Reporter: Jan Bernhardt
According to the WS-Federation Standard 1.2 [1] the PassiveRequestorEndpoint at
the ApplicationServiceType should be an address of the application capable of
consuming the federation response (SAML token). The current implementation
points to the URL of the IDP which is wrong.
[1]
http://docs.oasis-open.org/wsfed/federation/v1.2/os/ws-federation-1.2-spec-os.html#_Toc223174956
„The content of this element is an endpoint reference element as defined by
[WS-Addressing] that identifies an endpoint address that supports receiving the
Web (Passive) Requestor protocol messages described below in section 13.”
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
