[
https://issues.apache.org/jira/browse/FEDIZ-218?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16480407#comment-16480407
]
Arnaud MERGEY edited comment on FEDIZ-218 at 5/18/18 9:36 AM:
--------------------------------------------------------------
Okta is conforming to this; I experienced this issue with the samling tool (a
simple serverless SAML tool).
I already raised issues on it, for some parts of the specification that the
response token the tool was sending did not conform to, but I missed this one. I
misinterpreted some part of the spec and I thought it was optional. Sorry if my
bug is not valid.
was (Author: amergey):
Okta is conforming to this, I experienced an issue this with samling tool (a
simple serverless SAML tool).
I already raised issues on it, for some part of specifications not conform, in
the response token the tool was sending, but I missed this one, I
misinterpreted some part of the spec and I thought it was optional. Sorry if my
bug is not valid
> Support SAML Token without Audience Restriction in plugin
> ---------------------------------------------------------
>
> Key: FEDIZ-218
> URL: https://issues.apache.org/jira/browse/FEDIZ-218
> Project: CXF-Fediz
> Issue Type: Bug
> Components: Plugin
> Affects Versions: 1.4.3
> Reporter: Arnaud MERGEY
> Priority: Major
>
> FEDIZ-168 described that Fediz only supported SAML with an audience restriction.
> It said
> _Fediz Plugin should accept SAML token without audience restrictions as valid
> (if all other security requirements are met) and the Fediz IDP should be
> configurable to request SAML token from the STS without audience
> restrictions._
> It seems it was fixed on IDP side, but not on plugin side as SAML token
> without audience restriction is not accepted.
>
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)