[
https://issues.apache.org/jira/browse/FEDIZ-218?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Arnaud MERGEY updated FEDIZ-218:
--------------------------------
Attachment: cxf-fediz.patch
> Support SAML Token without Audience Restriction
> -----------------------------------------------
>
> Key: FEDIZ-218
> URL: https://issues.apache.org/jira/browse/FEDIZ-218
> Project: CXF-Fediz
> Issue Type: Bug
> Components: Plugin
> Affects Versions: 1.4.3
> Reporter: Arnaud MERGEY
> Priority: Major
> Attachments: cxf-fediz.patch
>
>
> FEDIZ-168 descrived Fediz only supported SAML with an audience restriction.
> It said
> _Fediz Plugin should accept SAML token without audience restrictions as valid
> (if all other security requirements are met) and the Fediz IDP should be
> configurable to request SAML token from the STS without audience
> restrictions._
> It seems it was fixed on IDP side, but not on plugin side as SAML token
> without audience restriction is not accepted.
> It seems quite trivial to fix, I attach a patch proposal (I already have a
> pull request opened for another issue)
>
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
