[CXF-7382] Don't cache SecurityTokens per-endpoint when the STSClient is used as an intermediary - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 3.1.12, 3.2.0
Component/s: None
Labels:
None

Estimated Complexity:
Unknown

Description

If the STSClient is used as an intermediary with delegation (OnBehalfOf/ActAs) you must set the property "security.cache.issued.token.in.endpoint" to "false". Otherwise it just retrieves the first cached token from the endpoint. However, it would be better to disable caching tokens per-endpoint if we have a delegation token by default, as it is less of a security risk.

Attachments

Activity

People

Assignee:: Colm O hEigeartaigh

Reporter:: Colm O hEigeartaigh

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 25/May/17 10:39

Updated:: 01/Aug/17 16:42

Resolved:: 25/May/17 15:21