Details
-
New Feature
-
Status: Closed
-
Major
-
Resolution: Fixed
-
2.6.1
-
None
-
Unknown
Description
A ClaimsHandler is independent of the STS realm.
Example: The LdapClaimsHandler is configured to support the claims firstname and lastname. The principal (ws-sec header, onbehalfof, actas) is mapped to the STS realm. But you must use another principal to access the claims data from the LDAP directory. Thus a claimshandler must know which principal of which realm must be used to retrieve the claims.
Therefore, the ClaimsHandler must provide the information in which realm he is applicable thus the ClaimsManager can map the identity before calling retrieveClaimValues.
Attachments
Issue Links
- Is contained by
-
CXF-5039 IdentityMapping support in ClaimsManager
- Closed