I think the historical reason is that the endpoint URI for jms used to
be "jms://" for all endpoints. So it did not mean anything.
Today this is different. So it makes sense to provide the URI.
Unfortunately I have no idea where in the code this is done. If you can
point me to the place where the http uri is extracted I am sure I can
also make the jms one visible.
Christian
On 30.10.2015 13:14, vbogatyrov wrote:
Hi,
I'm using CXF 3.1.3 with JMS transport and SAML. For all incoming messages
SAML audience restriction check fails on provider side.
In my case SAML assertion contains only one audience restriction string, the
JMS URI of the endpoint, like this one:
jms:jndi:dynamicQueues/example.queue?jndiInitialContextFactory=org.apache.activemq.jndi.ActiveMQInitialContextFactory&jndiConnectionFactoryName=ConnectionFactory&jndiURL=tcp://localhost:61616
The thing is that in case when JMS transport is used, CXF provides to wss4j
only service QName in the list of audience restrictions. In case of HTTP
transport it provides both service QName and the endpoint URL.
Is it an expected behaviour? And if it is, what is the supposed way of
handling the situation above?
--
View this message in context:
http://cxf.547215.n5.nabble.com/Using-JMS-URI-as-a-SAML-audience-restriction-tp5762392.html
Sent from the cxf-user mailing list archive at Nabble.com.
--
Christian Schneider
http://www.liquid-reality.de
Open Source Architect
http://www.talend.com
