[ https://issues.apache.org/jira/browse/FEDIZ-218?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16480407#comment-16480407 ]
Arnaud MERGEY edited comment on FEDIZ-218 at 5/18/18 9:37 AM:
--------------------------------------------------------------

Okta is conforming to this, I experienced this issue with samling tool (a simple serverless SAML tool).
I already raised issues on it, for some parts not conforming to specifications, in the response token the tool was sending. But I missed this one, I misinterpreted some part of the spec and I thought Audience Restriction was optional. Sorry if my bug is not valid.

was (Author: amergey):
Okta is conforming to this, I experienced this issue with samling tool (a simple serverless SAML tool).
I already raised issues on it, for some parts of the specifications not conforming, in the response token the tool was sending, but I missed this one, I misinterpreted some part of the spec and I thought it was optional. Sorry if my bug is not valid.

> Support SAML Token without Audience Restriction in plugin
> ---------------------------------------------------------
>
>                 Key: FEDIZ-218
>                 URL: https://issues.apache.org/jira/browse/FEDIZ-218
>             Project: CXF-Fediz
>          Issue Type: Bug
>          Components: Plugin
>    Affects Versions: 1.4.3
>            Reporter: Arnaud MERGEY
>            Priority: Major
>
> FEDIZ-168 described Fediz only supported SAML with an audience restriction.
> It said
> _Fediz Plugin should accept SAML token without audience restrictions as valid
> (if all other security requirements are met) and the Fediz IDP should be
> configurable to request SAML token from the STS without audience
> restrictions._
> It seems it was fixed on IDP side, but not on plugin side as SAML token
> without audience restriction is not accepted.

--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
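
The behaviour this issue is about, as an added example (not Fediz code and not part of the original message): a relying party's audience check with an explicit policy flag for assertions that carry no AudienceRestriction. The function name, the flag, the URLs and the sample assertions are constructed for illustration, and the assertion's signature is assumed to have been validated before this check runs.

```python
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
SP_ENTITY_ID = "https://sp.example.test/app"  # constructed relying-party identifier


def check_audience(assertion_xml, expected_audience, require_restriction=True):
    """Return (accepted, reason) for the audience policy on one assertion.

    Hypothetical helper: assumes the signature was already verified and the
    XML comes from a hardened parser path.
    """
    root = ET.fromstring(assertion_xml)
    restrictions = root.findall("./saml:Conditions/saml:AudienceRestriction", NS)
    if not restrictions:
        # The case discussed in the issue: no restriction present at all.
        if require_restriction:
            return False, "no AudienceRestriction"
        return True, "no AudienceRestriction, accepted by policy"
    # Several AudienceRestriction elements are ANDed together;
    # the Audience values inside one element are ORed.
    for restriction in restrictions:
        audiences = [(a.text or "").strip()
                     for a in restriction.findall("saml:Audience", NS)]
        if expected_audience not in audiences:
            return False, "audience mismatch"
    return True, "audience matched"


def _assertion(conditions_body):
    """Build a constructed, unsigned sample assertion for the demo."""
    return (
        '<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" '
        'ID="_constructed" Version="2.0" IssueInstant="2018-05-18T09:37:00Z">'
        "<saml:Issuer>https://idp.example.test</saml:Issuer>"
        "<saml:Conditions>" + conditions_body + "</saml:Conditions>"
        "</saml:Assertion>"
    )


def _restriction(audience):
    return ("<saml:AudienceRestriction><saml:Audience>" + audience +
            "</saml:Audience></saml:AudienceRestriction>")


WITH_MATCH = _assertion(_restriction(SP_ENTITY_ID))
WITH_OTHER = _assertion(_restriction("https://other.example.test/app"))
WITHOUT = _assertion("")

if __name__ == "__main__":
    for name, xml in [("match", WITH_MATCH), ("other", WITH_OTHER), ("none", WITHOUT)]:
        print(name, check_audience(xml, SP_ENTITY_ID))
```
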