[jboss-identity-issues] [JBoss JIRA] Closed: (JBID-140) JBoss STS - add a ClaimsHandler interface that allows for pluggable claims interpreters
[
https://jira.jboss.org/jira/browse/JBID-140?page=com.atlassian.jira.plugi...
]
Stefan Guilhen closed JBID-140.
-------------------------------
Resolution: Done
A ClaimsProcessor interface has been added to JBoss STS. Actual implementations are
configured in the jboss-sts.xml file:
<ClaimsProcessors>
<ClaimsProcessor ProcessorClass="org.jboss...."
Dialect="http://....">
<Property Key="key" Value="value"/>
</ClaimsProcessor>
</ClaimsProcessors>
When the STS receives a request with a Claims section, it uses the Claims dialect to
locate the processor that can handle the claims. The processor is called and is
responsible for parsing the Claims contents and for locating the attributes that
correspond to the required claims. The retrieved attributes are then available for the
token providers through the WSTrustRequestContext.
JBoss STS - add a ClaimsHandler interface that allows for pluggable
claims interpreters
---------------------------------------------------------------------------------------
Key: JBID-140
URL: https://jira.jboss.org/jira/browse/JBID-140
Project: JBoss Identity
Issue Type: Task
Components: Identity-Federation
Affects Versions: IDFED-1.0.0.alpha3
Reporter: Stefan Guilhen
Assignee: Stefan Guilhen
Fix For: IDFED-1.0.0.beta3
A WS-Trust request may contain a set of claims that must be included in the issued token.
The claims syntax is not specified, so it must be inferred from the Dialect attribute of
the Claims element. We must create a ClaimsHandler or ClaimsProvider interface in the STS
system to allow for pluggable configuration of claim handlers.
A possible default implementation could handle claims as specified by the Identity
Metasystem Interoperability 1.0 (http://docs.oasis-open.org/imi/ns/identity-200810) and
use the JBoss IDM API to obtain the necessary information.
The configuration of the ClaimsHandlers would be similar to the TokeProviders and should
also allow for the specification of general properties:
<ClaimsHandlers>
<ClaimsHandler HandlerClass="...."
ClaimsDialect="http://....">
<Property name="prop" value="value"/>
</ClaimsHandler>
</ClaimsHandler>
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira