[
https://jira.jboss.org/jira/browse/JBID-137?page=com.atlassian.jira.plugi...
]
Stefan Guilhen closed JBID-137.
-------------------------------
Resolution: Done
Token providers can now specify general properties in the configuration. These properties
are set in the provider class after it is instantiated:
public void initialize(Map<String, String> properties);
The providers must also specify the security token element name and namespace in the
configuration. This allows the request handler to identify which token provider should be
used to validate/renew/cancel a given security token (in these cases the token type is not
specified, so we must derive the token provider from the token itself).
This is an example of how a token provider is declared now:
<TokenProvider
    ProviderClass="org.jboss.test.identity.federation.bindings.wstrust.SpecialTokenProvider"
    TokenType="http://www.tokens.org/SpecialToken"
    TokenElement="SpecialToken"
    TokenElementNS="http://www.tokens.org">
  <Property Name="Property1" Value="Value1"/>
  <Property Name="Property2" Value="Value2"/>
</TokenProvider>
The TokenElement and TokenElementNS attributes are used by the request handler to locate
the token provider using the security token element information.
JBoss STS - improve the configuration to allow for general properties
to be specified for each token provider
-------------------------------------------------------------------------------------------------------------
Key: JBID-137
URL:
https://jira.jboss.org/jira/browse/JBID-137
Project: JBoss Identity
Issue Type: Task
Components: Identity-Federation
Affects Versions: IDFED-1.0.0.alpha3
Reporter: Stefan Guilhen
Assignee: Stefan Guilhen
Fix For: IDFED-1.0.0.beta2
JBoss STS does not currently provide a way to specify general properties for a token
provider. A token provider may be configurable (for example, a provider may take a URL of
a third-party service or repository) and the configuration schema must be changed to allow
the specification of properties.
The token providers should also be associated with the token element (namespace and local
name) besides the token type. The reason for doing this is that
validation/renewing/cancellation requests do not specify the token type explicitly so it
must be inferred by the token element. The only way for the STS to figure out which
provider should be used to validate the token is by having an association between token
elements and providers. Something like:
<TokenProvider ProviderClass="...." TokenType="..."
    TokenNamespace="urn:...." TokenName="Assertion">
  <Property name="..." value="..."/>
  <Property name="..." value="..."/>
</TokenProvider>
A final note about configuration is about the need for the TruststoreAlias attribute of
the ServiceProvider. The alias of each service provider can be configured through the
ValidatingAlias element of KeyProvider, so we may just make the TruststoreAlias attribute
optional.
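The element-based lookup described in this issue, as an added example that is not JBoss Identity code: it indexes providers by the (TokenElementNS, TokenElement) pair and resolves the provider for a token whose type is not stated in the request. The class and method names and the enclosing TokenProviders wrapper element are assumptions made for the example; the sample documents are constructed.

```java
import java.io.StringReader;
import java.util.*;
import javax.xml.namespace.QName;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.*;
import org.xml.sax.InputSource;

public class ProviderLookupExample {
    // Constructed sample config; the TokenProviders wrapper element is an assumption.
    static final String CONFIG = "<TokenProviders><TokenProvider"
        + " ProviderClass='org.jboss.test.identity.federation.bindings.wstrust.SpecialTokenProvider'"
        + " TokenType='http://www.tokens.org/SpecialToken'"
        + " TokenElement='SpecialToken' TokenElementNS='http://www.tokens.org'>"
        + "<Property Name='Property1' Value='Value1'/></TokenProvider></TokenProviders>";

    static Document parse(String xml) throws Exception {
        DocumentBuilderFactory f = DocumentBuilderFactory.newInstance();
        f.setNamespaceAware(true); // match on namespace URI + local name, never on the prefix
        f.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true); // no DTD/XXE
        return f.newDocumentBuilder().parse(new InputSource(new StringReader(xml)));
    }

    // Index provider class names by token element QName; ambiguous mappings are rejected.
    static Map<QName, String> index(Document config) {
        Map<QName, String> byElement = new HashMap<>();
        NodeList providers = config.getElementsByTagName("TokenProvider");
        for (int i = 0; i < providers.getLength(); i++) {
            Element p = (Element) providers.item(i);
            QName key = new QName(p.getAttribute("TokenElementNS"), p.getAttribute("TokenElement"));
            if (byElement.putIfAbsent(key, p.getAttribute("ProviderClass")) != null)
                throw new IllegalStateException("two providers registered for " + key);
        }
        return byElement;
    }

    // Resolve the provider for a token in a validate/renew/cancel request; fail closed if unknown.
    static String providerFor(Map<QName, String> byElement, Element token) {
        String provider = byElement.get(new QName(token.getNamespaceURI(), token.getLocalName()));
        if (provider == null)
            throw new SecurityException("no token provider for " + token.getNodeName());
        return provider;
    }

    public static void main(String[] args) throws Exception {
        Map<QName, String> idx = index(parse(CONFIG));
        Element ok = parse("<t:SpecialToken xmlns:t='http://www.tokens.org'/>").getDocumentElement();
        System.out.println(providerFor(idx, ok)); // different prefix, same namespace: resolved
        Element other = parse("<SpecialToken xmlns='urn:other'/>").getDocumentElement();
        try { providerFor(idx, other); } // same local name, different namespace
        catch (SecurityException e) { System.out.println("rejected: " + e.getMessage()); }
    }
}
```

Keying the lookup on the full qualified name means a token that reuses the local name SpecialToken under another namespace is not routed to this provider.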