You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 5 Next »

Major Notes:

Claims Handling:

  • The claimType of the Claim class is now a "String" instead of a "URI".  This might break existing ClaimsHandler implementations in the STS. In addition, the ClaimsHandler interface now returns a List<String> for getSupportedClaimTypes() instead of List<URI>.
  • The Claims access control annotations/interceptors now work with JWT tokens (as well as SAML tokens). This resulted in the following package changes:
    • ClaimsAuthorizingInterceptor has moved from the cxf-rt-security-saml module to the cxf-rt-security module. The package name of the ClaimsAuthorizingInterceptor has changed: from org.apache.cxf.rt.security.saml.interceptor.ClaimsAuthorizingInterceptor to org.apache.cxf.rt.security.claims.interceptor.ClaimsAuthorizingInterceptor.
    • ClaimsAuthorizingFilter has moved from the cxf-rt-rs-security-xml module to the cxf-rt-frontend-jaxrs module. The package name of the ClaimsAuthorizingFilter  has changed: from org.apache.cxf.rs.security.saml.authorization.ClaimsAuthorizingFilter to org.apache.cxf.jaxrs.security.ClaimsAuthorizingFilter

New Features:

Major dependency changes:

  • No labels