Thanx, Colm. I've added JIRA CXF-5664 for this issue.
Stephen W. Chappell Engility Holdings, Inc., SSE TAL William J. Hughes Technical Center, FAA Information Security Team, ANG-B31 (609) 485-6710 From: Colm O hEigeartaigh <[email protected]> ANG-B31, Information Security Branch To: "[email protected]" <[email protected]>, Date: 04/01/2014 10:30 AM Subject: Re: Use of <wst:Participants> with CXF STS Hi, As you have noted, the RequestParser does not yet support parsing wst:Participants. If you create a JIRA + attach a sample request I will look into it. Colm. On Mon, Mar 31, 2014 at 6:39 PM, <[email protected]> wrote: > Hello - > > I am trying to stand up an STS using CXF 2.7.7, and am having trouble with > RST's containing wst:Participants. I have a requirement that, when the RST > contains one or more Participants, each Participant must be added into the > issued token's audience restrictions. The trouble is, the CXF STS doesn't > appear to understand <wst:Participants>. > > When I send a token having the form: > > <wst:RequestSecurityToken> > <wst:RequestType> http://docs.oasis-open.org/ws-sx/ws-trust/200512/Issue > </wstRequestType> > <wsp:AppliesTo>...</wsp:AppliesTo> > <wst:UseKey>...</wst:UseKey> > <wst:Participants>...</wst:Participants> > </wst:RequestSecurityToken> > > I get a "BadRequest" SOAP fault, with the warning "An unknown (DOM) > element was received: Participants" showing up in the catalina log. Is > there a property, bean, or parameter I can use to turn on Participants > processing? Or, will I have to write a custom RequestParser class and hook > it into a custom TokenIssueOperation class? Has anyone done this already? > > Thanx, > > Steve Chappell > -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com
