Josh Smith created CXF-7729:
-------------------------------
Summary: Merge duplicate Attribute elements within an
AttributeStatement
Key: CXF-7729
URL: https://issues.apache.org/jira/browse/CXF-7729
Project: CXF
Issue Type: Improvement
Components: STS
Affects Versions: 3.1.13
Reporter: Josh Smith
When multiple claims handlers return values for a given claim type, the
resulting AttributeStatement contains duplicate Attribute Elements.
For example, requesting the role claim from two claims handlers might produce
the following AttributeStatement:
{code:xml}
<saml2:AttributeStatement>
<saml2:Attribute
Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/role";
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified">
<saml2:AttributeValue xsi:type="xsd:string">admin</saml2:AttributeValue>
<saml2:AttributeValue xsi:type="xsd:string">manager</saml2:AttributeValue>
</saml2:Attribute>
<saml2:Attribute
Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/role";
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified">
<saml2:AttributeValue xsi:type="xsd:string">viewer</saml2:AttributeValue>
</saml2:Attribute>
</saml2:AttributeStatement>{code}
It would be nice to merge these Attribute elements to reduce the size of the
assertion.
{code:xml}
<saml2:AttributeStatement>
<saml2:Attribute
Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/role";
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified">
<saml2:AttributeValue xsi:type="xsd:string">admin</saml2:AttributeValue>
<saml2:AttributeValue xsi:type="xsd:string">manager</saml2:AttributeValue>
<saml2:AttributeValue xsi:type="xsd:string">viewer</saml2:AttributeValue>
</saml2:Attribute>
</saml2:AttributeStatement>
{code}
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
