If you want to add your own AttributeStatements to the STS you can't use the "DefaultSecurityTokenServiceProvider". Instead you will need to use the "SecurityTokenServiceProvider", and add the SAMLTokenProvider explicitly to it, with your custom AttributeStatementProvider implementation.
This test configuration will go you the basic idea: http://svn.apache.org/viewvc/cxf/trunk/services/sts/systests/advanced/src/test/resources/org/apache/cxf/systest/sts/deployment/cxf-sts.xml?view=markup For example, this will instantiate the SAMLTokenProvider with a custom AttributeStatementProvider. You will then need to plug this into a TokenIssueOperation: <bean id="transportSamlTokenProvider" class="org.apache.cxf.sts.token.provider.SAMLTokenProvider"> <property name="attributeStatementProviders" ref="defaultAttributeProvider" /> </bean> <bean id="defaultAttributeProvider" class="org.apache.cxf.sts.token.provider.DefaultAttributeStatementProvider"> </bean> See here for more information: http://coheigea.blogspot.ie/2011/10/apache-cxf-sts-documentation-part-iv.html Colm. On Thu, Jun 6, 2013 at 10:52 PM, patch_78 <[email protected]> wrote: > Hi, > > Now I am using > org.apache.cxf.sts.provider.DefaultSecurityTokenServiceProvider as STS. How > can I customize/implement STS to generate <saml2:AttributeStatement> based > on data from DB? Any examples? > > patch > > > > -- > View this message in context: > http://cxf.547215.n5.nabble.com/Custom-STS-tp5728879.html > Sent from the cxf-user mailing list archive at Nabble.com. > -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com
