[
https://issues.apache.org/jira/browse/CXF-8648?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17483654#comment-17483654
]
Oliver Wulff commented on CXF-8648:
-----------------------------------
I'd provide the option to pass the ClaimsAuthorizingInterceptor as a
constructor argument due to the other two setters (setClaims,
setSecuredObject). I'd consider these two setters as deprecated in 3.6 because
the recommended approach in the next major version should be to use the setters
on the ClaimsAuthorizingInterceptor instead.
WDYT?
> Make ClaimsAuthorizingInterceptor configurable in ClaimsAuthorizingFilter
> -------------------------------------------------------------------------
>
> Key: CXF-8648
> URL: https://issues.apache.org/jira/browse/CXF-8648
> Project: CXF
> Issue Type: Improvement
> Components: JAX-RS Security
> Affects Versions: 3.5.0, 3.4.5
> Reporter: Oliver Wulff
> Assignee: Colm O hEigeartaigh
> Priority: Minor
> Fix For: 3.5.1, 4.0.0
>
>
> The ClaimsAuthorizingInterceptor is not configurable within the
> ClaimsAuthorizingFilter. Thus the configuration options for the
> ClaimsAuthorizingInterceptor (e.g. nameAliases, formatAliases).
> https://github.com/apache/cxf/blob/master/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/security/ClaimsAuthorizingFilter.java
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
