Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-5969

Allowing RequesterID chain when using SAML2 Idp Proxy

    Details

    • Type: Improvement
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 12.0.0, 13.5.0
    • Fix Version/s: 13.5.1, 14.0.0
    • Component/s: SAML
    • Sprint:
      AM Sustaining Sprint 21, AM Sustaining Sprint 27, AM Sustaining Sprint 28, AM Sustaining Sprint 29
    • Support Ticket IDs:

      Description

      SAML2 standard defines a way to keep track of the chain of requesters when proxying. Currently this is not possible within OpenAM.

      See in https://docs.oasis-open.org/security/saml/v2.0/saml-core-2.0-os.pdf

      <RequesterID> [Zero or More]
      Identifies the set of requesting entities on whose behalf the requester is acting. Used to communicate the chain of requesters when proxying occurs, as described in Section 3.4.1.5. See Section 8.3.6 for a description of entity identifiers.
      

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                quentin.castel Quentin CASTEL [X] (Inactive)
                Reporter:
                nathalie.hoet Nathalie Hoet
              • Votes:
                0 Vote for this issue
                Watchers:
                5 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:

                  Time Tracking

                  Estimated:
                  Original Estimate - 8h
                  8h
                  Remaining:
                  Time Spent - 5h Remaining Estimate - 3h
                  3h
                  Logged:
                  Time Spent - 5h Remaining Estimate - 3h
                  5h