[
https://issues.apache.org/jira/browse/CXF-6763?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Colm O hEigeartaigh closed CXF-6763.
------------------------------------
> STS requires ClaimHandler even in ClaimMapping only scenarios
> -------------------------------------------------------------
>
> Key: CXF-6763
> URL: https://issues.apache.org/jira/browse/CXF-6763
> Project: CXF
> Issue Type: Bug
> Components: STS
> Affects Versions: 3.1.4
> Reporter: Jan Bernhardt
> Assignee: Colm O hEigeartaigh
> Priority: Minor
> Fix For: 3.1.5, 3.0.8
>
>
> In case that the STS is used only for token mapping, the STS does not need
> ClaimHandler to lookup claims from a backend.
> Example Scenario: Fediz-IDP is used as a RP-IDP only (with no direct user
> login), but only doing claim mappings.
> In this case the STS only needs a relationship with a ClaimMapper, but no
> ClaimHandler are required.
> The following code within
> {{org.apache.cxf.sts.operation.TokenIssueOperation}} however checks if
> ClaimMapper for requested Claims exists and fails if not.
> {code}
> //Check if the requested claims can be handled by the configured claim
> handlers
> ClaimCollection requestedClaims =
> providerParameters.getRequestedPrimaryClaims();
> checkClaimsSupport(requestedClaims);
> requestedClaims = providerParameters.getRequestedSecondaryClaims();
> checkClaimsSupport(requestedClaims);
> providerParameters.setClaimsManager(claimsManager);
> {code}
> From my understanding these {{checkClaimsSupport}} can be removed completely,
> because the STS will still fail, if the requested Claims are not available in
> the end.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
