cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From build...@apache.org
Subject svn commit: r820382 - in /websites/production/cxf/content: cache/main.pageCache fediz.html
Date Tue, 05 Jun 2012 19:48:03 GMT
Author: buildbot
Date: Tue Jun  5 19:48:02 2012
New Revision: 820382

Log:
Production update by buildbot for cxf

Modified:
    websites/production/cxf/content/cache/main.pageCache
    websites/production/cxf/content/fediz.html

Modified: websites/production/cxf/content/cache/main.pageCache
==============================================================================
Binary files - no diff available.

Modified: websites/production/cxf/content/fediz.html
==============================================================================
--- websites/production/cxf/content/fediz.html (original)
+++ websites/production/cxf/content/fediz.html Tue Jun  5 19:48:02 2012
@@ -140,13 +140,12 @@ Apache CXF -- Fediz
 
 <h2><a shape="rect" name="Fediz-Overview"></a>Overview</h2>
 
-<p>Apache CXF Fediz is a subproject of CXF. Fediz helps you to secure your web applications
and delegates security enforcement to the underlying application server. Authentication is
externalized from your web application to an identity provider which is a dedicated server
component. The supported standard is WS-Federation 1.2 Passive Requestor Profile. Fediz supports
Claims based Access control beyond Role Based Access Control (RBAC).</p>
+<p>Apache CXF Fediz is a subproject of CXF. Fediz helps you to secure your web applications
and delegates security enforcement to the underlying application server. With Fediz, authentication
is externalized from your web application to an identity provider installed as a dedicated
server component. The supported standard is <a shape="rect" class="external-link" href="http://docs.oasis-open.org/wsfed/federation/v1.2/os/ws-federation-1.2-spec-os.html#_Toc223175002"
rel="nofollow">WS-Federation 1.2 Passive Requestor Profile</a>. Fediz supports <a
shape="rect" class="external-link" href="http://en.wikipedia.org/wiki/Claims-based_identity"
rel="nofollow">Claims Based Access Control</a> beyond Role Based Access Control (RBAC).</p>
 
 
 <h2><a shape="rect" name="Fediz-News"></a>News</h2>
 
 
-
 <h2><a shape="rect" name="Fediz-Features"></a>Features</h2>
 
 <p>The following features are supported by the Fediz plugin 1.0</p>
@@ -161,13 +160,13 @@ Apache CXF -- Fediz
 
 <h2><a shape="rect" name="Fediz-Gettingstarted"></a>Getting started</h2>
 
-<p>The WS-Federation specification defines the following parties involved during the
web login:</p>
+<p>The WS-Federation specification defines the following parties involved during a
web login:</p>
 <ul><li>Browser</li><li>Identity Provider (IDP)<br clear="none">
-The IDP is a centralized, application independent runtime component which implements the
protocol defined by WS-Federation. You can use any open source or commercial product as your
IDP which supports WS-Federation 1.1/1.2. It's recommended to use the Fediz IDP for testing
as it allows to test your web application in a sandbox without having all infrastructure components
available. The Fediz IDP consists of two WAR components. The Security Token Service (STS)
is doing most of the part like authenticating the user, retrieve claims/role data and create
the SAML token. The IDP WAR translates the response to a HTML response thus a browser can
process it.</li><li>Relying Party (RP)<br clear="none">
-The RP is the web application which should be protected. The RP must be able to implement
the protocol as defined by WS-Federation. This component is called "Fediz Plugin" in this
project which consists of container agnostic module/jar and a container specific jar. When
an authenticated request is detected by the plugin it redirects to the IDP or authentication.
The browser sends the response from IDP to the RP after successful authentication. The RP
validates the response and creates the container security context.</li></ul>
+The IDP is a centralized, application independent runtime component which implements the
protocol defined by WS-Federation. You can use any open source or commercial product that
supports WS-Federation 1.1/1.2 as your IDP. It's recommended to use the Fediz IDP for testing
as it allows for testing your web application in a sandbox without having all infrastructure
components available. The Fediz IDP consists of two WAR components. The Security Token Service
(STS) does most of the work including user authentication, claims/role data retrieval and
creating the SAML token. The IDP WAR translates the response to an HTML response allowing
a browser to process it.</li><li>Relying Party (RP)<br clear="none">
+The RP is a web application that needs to be protected. The RP must be able to implement
the protocol as defined by WS-Federation. This component is called "Fediz Plugin" in this
project which consists of container agnostic module/jar and a container specific jar. When
an authenticated request is detected by the plugin it redirects to the IDP for authentication.
The browser sends the response from the IDP to the RP after successful authentication. The
RP validates the response and creates the container security context.</li></ul>
 
 
-<p>It's recommended to deploy the IDP and the web application (RP) into different container
instances as in a production deployment. The container with the IDP can be used during development
and testing for any web application.</p>
+<p>It's recommended to deploy the IDP and the web application (RP) into different container
instances as in a production deployment. The container with the IDP can be used during development
and testing for multiple web applications needing security.</p>
 
 <h3><a shape="rect" name="Fediz-SettinguptheIDP"></a>Setting up the IDP</h3>
 
@@ -175,7 +174,7 @@ The RP is the web application which shou
 
 <h3><a shape="rect" name="Fediz-SetuptheRelyingPartyContainer"></a>Set
up the Relying Party Container</h3>
 
-<p>The Fediz plugin is deployed into the Relying Party (RP) container. The security
mechanism is not specified by JEE. Even it is very similar in each Servlet Container there
are some differences which requires dedicated Fediz plugins for each Servlet Container implementation.
Most of the configuration is container independent and described <a shape="rect" href="fediz-configuration.html"
title="Fediz Configuration">here</a></p>
+<p>The Fediz plugin needs to be deployed into the Relying Party (RP) container. The
security mechanism is not specified by JEE. Even though it is very similar in each servlet
container there are some differences which require a dedicated Fediz plugin for each servlet
container implementation. Most of the configuration is container independent and described
<a shape="rect" href="fediz-configuration.html" title="Fediz Configuration">here</a></p>
 
 <p>The following lists shows the supported containers and the location of the installation
and configuration page.</p>
 <ul><li><a shape="rect" href="fediz-tomcat.html" title="Fediz Tomcat">Tomcat
7 </a></li></ul>



Mime
View raw message