Hi Francesco, On Tue, Jun 27, 2017 at 9:24 AM, Francesco Chicchiriccò <ilgro...@apache.org > wrote:
> Instead of providing a map in securityContext.xml, I would rather enable > [1] to dynamically discover JwsSignatureVerifier implementations (or maybe > a new interface of ours extending that, adding a getIssuer() method). > Moreover, the new interface extending JwsSignatureVerifier could also > provide a method to resolve the JWT subject into Syncope username (known > user). > If you like, I can take care of this. > +1 - please do! > > Please also note that such SSO would work only at REST level; in order to > enable Admin Console or Enduser UI to that, something like the SAML 2.0 SP > Agent [2] will need to be provided. > Yep that's fine. > > As people started asking for 2.0.4 [3][4] and CXF 3.1.12 is under vote, I > think we should start finalizing, e.g. postponing new features and > improvements to 2.0.5. But maybe this one can still fit. > No rush from my POV. Let's get it into JIRA anyway so that we can track it. Colm. > > Regards. > > [1] https://github.com/apache/syncope/blob/2_0_X/core/logic/src/ > main/java/org/apache/syncope/core/logic/init/ClassPathScanI > mplementationLookup.java > [2] https://github.com/apache/syncope/blob/2_0_X/ext/saml2sp/ > agent/src/main/java/org/apache/syncope/ext/saml2lsp/ > agent/AssertionConsumer.java#L47 > [3] https://lists.apache.org/thread.html/d8a6f8fe3629d1d00165e24 > 61458511d8ace983af6006a5d304fa6a9@%3Cuser.syncope.apache.org%3E > [4] https://lists.apache.org/thread.html/7d9072146f01994c8fb7f02 > c8af1f88e031345e391c06970a8fcf1ff@%3Cuser.syncope.apache.org%3E > > -- > Francesco Chicchiriccò > > Tirasa - Open Source Excellence > http://www.tirasa.net/ > > Member at The Apache Software Foundation > Syncope, Cocoon, Olingo, CXF, OpenJPA, PonyMail > http://home.apache.org/~ilgrosso/ > > -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com
