[ https://issues.apache.org/jira/browse/CXF-6763?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Colm O hEigeartaigh reassigned CXF-6763: ---------------------------------------- Assignee: Colm O hEigeartaigh > STS requires ClaimHandler even in ClaimMapping only scenarios > ------------------------------------------------------------- > > Key: CXF-6763 > URL: https://issues.apache.org/jira/browse/CXF-6763 > Project: CXF > Issue Type: Bug > Components: STS > Affects Versions: 3.1.4 > Reporter: Jan Bernhardt > Assignee: Colm O hEigeartaigh > Priority: Minor > > In case that the STS is used only for token mapping, the STS does not need > ClaimHandler to lookup claims from a backend. > Example Scenario: Fediz-IDP is used as a RP-IDP only (with no direct user > login), but only doing claim mappings. > In this case the STS only needs a relationship with a ClaimMapper, but no > ClaimHandler are required. > The following code within > {{org.apache.cxf.sts.operation.TokenIssueOperation}} however checks if > ClaimMapper for requested Claims exists and fails if not. > {code} > //Check if the requested claims can be handled by the configured claim > handlers > ClaimCollection requestedClaims = > providerParameters.getRequestedPrimaryClaims(); > checkClaimsSupport(requestedClaims); > requestedClaims = providerParameters.getRequestedSecondaryClaims(); > checkClaimsSupport(requestedClaims); > providerParameters.setClaimsManager(claimsManager); > {code} > From my understanding these {{checkClaimsSupport}} can be removed completely, > because the STS will still fail, if the requested Claims are not available in > the end. -- This message was sent by Atlassian JIRA (v6.3.4#6332)