cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From build...@apache.org
Subject svn commit: r821449 - in /websites/production/cxf/content: cache/main.pageCache fediz-configuration.html fediz-metadata.html
Date Tue, 12 Jun 2012 15:47:50 GMT
Author: buildbot
Date: Tue Jun 12 15:47:49 2012
New Revision: 821449

Log:
Production update by buildbot for cxf

Added:
    websites/production/cxf/content/fediz-metadata.html
Modified:
    websites/production/cxf/content/cache/main.pageCache
    websites/production/cxf/content/fediz-configuration.html

Modified: websites/production/cxf/content/cache/main.pageCache
==============================================================================
Binary files - no diff available.

Modified: websites/production/cxf/content/fediz-configuration.html
==============================================================================
--- websites/production/cxf/content/fediz-configuration.html (original)
+++ websites/production/cxf/content/fediz-configuration.html Tue Jun 12 15:47:49 2012
@@ -137,7 +137,9 @@ Apache CXF -- Fediz Configuration
            <!-- Content -->
            <div class="wiki-content">
 <div id="ConfluenceContent"><h1><a shape="rect" name="FedizConfiguration-FedizPluginconfiguration"></a>Fediz
Plugin configuration</h1>
-<p>This page describes the Fediz configuration file referenced by the security interceptor
(eg. authenticator in Tomcat/Jetty).</p>
+<p>This page describes the Fediz configuration file referenced by the security interceptor
of the Servlet Container (eg. authenticator in Tomcat/Jetty).</p>
+
+<p>The Fediz configuration information is used to publish the federation Metadata document
which is described <a shape="rect" href="fediz-metadata.html" title="Fediz Metadata">here</a></p>
 
 <h3><a shape="rect" name="FedizConfiguration-Example"></a>Example</h3>
 <p>The following example shows the minimum configuration for Fediz.</p>

Added: websites/production/cxf/content/fediz-metadata.html
==============================================================================
--- websites/production/cxf/content/fediz-metadata.html (added)
+++ websites/production/cxf/content/fediz-metadata.html Tue Jun 12 15:47:49 2012
@@ -0,0 +1,310 @@
+
+<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<!--
+
+    Licensed to the Apache Software Foundation (ASF) under one or more
+    contributor license agreements.  See the NOTICE file distributed with
+    this work for additional information regarding copyright ownership.
+    The ASF licenses this file to You under the Apache License, Version 2.0
+    (the "License"); you may not use this file except in compliance with
+    the License.  You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+    Unless required by applicable law or agreed to in writing, software
+    distributed under the License is distributed on an "AS IS" BASIS,
+    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+    See the License for the specific language governing permissions and
+    limitations under the License.
+-->
+<html>
+  <head>
+    <link type="text/css" rel="stylesheet" href="http://cxf.apache.org/resources/site.css">
+    <script src="http://cxf.apache.org/resources/space.js" type="text/javascript"></script>
+    
+<meta http-equiv="Content-type" content="text/html;charset=UTF-8">
+<meta name="keywords" content="business integration, EAI, SOA, Service Oriented Architecture,
web services, SOAP, JBI, JMS, WSDL, XML, EDI, Electronic Data Interchange, standards support,
integration standards, application integration, middleware, software, solutions, services,
CXF, open source">
+<meta name="description" content="Apache CXF, Services Framework - Fediz Metadata">
+    <title>
+Apache CXF -- Fediz Metadata
+    </title>
+  </head>
+<body onload="init()">
+
+
+<table width="100%" cellpadding="0" cellspacing="0">
+  <tr>
+    <td id="cell-0-0" colspan="2">&nbsp;</td>
+    <td id="cell-0-1">&nbsp;</td>
+    <td id="cell-0-2" colspan="2">&nbsp;</td>
+  </tr>
+  <tr>
+    <td id="cell-1-0">&nbsp;</td>
+    <td id="cell-1-1">&nbsp;</td>
+    <td id="cell-1-2">
+      <div style="padding: 5px;">
+        <div id="banner">
+          <!-- Banner -->
+<div id="banner-content">
+<table border="0" cellpadding="0" cellspacing="0" width="100%"><tr><td align="left"
colspan="1" nowrap>
+<a shape="rect" href="http://cxf.apache.org/" title="Apache CXF"><span style="font-weight:
bold; font-size: 170%; color: white">Apache CXF</span></a>
+</td><td align="right" colspan="1" nowrap>
+<a shape="rect" href="http://www.apache.org/" title="The Apache Software Foundation"><img
border="0" alt="ASF Logo" src="http://cxf.apache.org/images/asf-logo.png"></a>
+</td></tr></table>
+</div>
+          <!-- Banner -->
+        </div>
+      </div>
+      <div id="top-menu">
+        <table border="0" cellpadding="1" cellspacing="0" width="100%">
+          <tr>
+            <td>
+              <div align="left">
+                <!-- Breadcrumbs -->
+<a href="index.html">Index</a>&nbsp;&gt;&nbsp;<a href="fediz.html">Fediz</a>&nbsp;&gt;&nbsp;<a
href="fediz-metadata.html">Fediz Metadata</a>
+                <!-- Breadcrumbs -->
+              </div>
+            </td>
+            <td>
+              <div align="right">
+                <!-- Quicklinks -->
+<div id="quicklinks"><p><a shape="rect" href="download.html" title="Download">Download</a>
| <a shape="rect" href="http://cxf.apache.org/docs/index.html">Documentation</a></p></div>
+                <!-- Quicklinks -->
+              </div>
+            </td>
+          </tr>
+        </table>
+      </div>
+    </td>
+    <td id="cell-1-3">&nbsp;</td>
+    <td id="cell-1-4">&nbsp;</td>
+  </tr>
+  <tr>
+    <td id="cell-2-0" colspan="2">&nbsp;</td>
+    <td id="cell-2-1">
+      <table>
+        <tr valign="top">
+          <td height="100%">
+            <div id="wrapper-menu-page-right">
+              <div id="wrapper-menu-page-top">
+                <div id="wrapper-menu-page-bottom">
+                  <div id="menu-page">
+                    <!-- NavigationBar -->
+<div id="navigation"><h3><a shape="rect" name="Navigation-ApacheCXFIndex"></a><a
shape="rect" href="index.html" title="Index">Apache CXF</a></h3>
+
+<ul class="alternate" type="square"><li><a shape="rect" href="index.html"
title="Index">Home</a></li><li><a shape="rect" href="download.html"
title="Download">Download</a></li><li><a shape="rect" href="people.html"
title="People">People</a></li><li><a shape="rect" href="project-status.html"
title="Project Status">Project Status</a></li><li><a shape="rect"
href="roadmap.html" title="Roadmap">Roadmap</a></li><li><a shape="rect"
href="mailing-lists.html" title="Mailing Lists">Mailing Lists</a></li><li><a
shape="rect" class="external-link" href="http://issues.apache.org/jira/browse/CXF">Issue
Reporting</a></li><li><a shape="rect" href="special-thanks.html" title="Special
Thanks">Special Thanks</a></li><li><a shape="rect" class="external-link"
href="http://www.apache.org/licenses/">License</a></li><li><a shape="rect"
href="security-advisories.html" title="Security Advisories">Security Advisories</a></li></ul>
+
+
+<h3><a shape="rect" name="Navigation-Users"></a>Users</h3>
+
+<ul class="alternate" type="square"><li><a shape="rect" href="http://cxf.apache.org/docs/index.html">User's
Guide</a></li><li><a shape="rect" href="support.html" title="Support">Support</a></li><li><a
shape="rect" href="faq.html" title="FAQ">FAQ</a></li><li><a shape="rect"
href="resources-and-articles.html" title="Resources and Articles">Resources and Articles</a></li></ul>
+
+
+<h3><a shape="rect" name="Navigation-Search"></a>Search</h3>
+
+<form enctype="application/x-www-form-urlencoded" method="get" id="cse-search-box" action="http://www.google.com/cse">
+  <div>
+    <input type="hidden" name="cx" value="002890367768291051730:o99qiwa09y4">
+    <input type="hidden" name="ie" value="UTF-8">
+    <input type="text" name="q" size="21">
+    <input type="submit" name="sa" value="Search">
+  </div>
+</form>
+<script type="text/javascript" src="http://www.google.com/cse/brand?form=cse-search-box&amp;lang=en"></script>
+
+
+<h3><a shape="rect" name="Navigation-Developers"></a>Developers</h3>
+
+<ul class="alternate" type="square"><li><a shape="rect" href="http://cxf.apache.org/docs/cxf-architecture.html">Architecture
Guide</a></li><li><a shape="rect" href="source-repository.html" title="Source
Repository">Source Repository</a></li><li><a shape="rect" href="building.html"
title="Building">Building</a></li><li><a shape="rect" href="automated-builds.html"
title="Automated Builds">Automated Builds</a></li><li><a shape="rect"
href="testing-debugging.html" title="Testing-Debugging">Testing-Debugging</a></li><li><a
shape="rect" href="coding-guidelines.html" title="Coding Guidelines">Coding Guidelines</a></li><li><a
shape="rect" href="getting-involved.html" title="Getting Involved">Getting Involved</a></li><li><a
shape="rect" href="release-management.html" title="Release Management">Release Management</a></li></ul>
+
+
+<h3><a shape="rect" name="Navigation-Subprojects"></a>Subprojects</h3>
+
+<ul class="alternate" type="square"><li><a shape="rect" href="distributed-osgi.html"
title="Distributed OSGi">Distributed OSGi</a></li><li><a shape="rect"
href="xjc-utils.html" title="XJC Utils">XJC Utils</a></li><li><a shape="rect"
href="build-utils.html" title="Build Utils">Build Utils</a></li><li><a
shape="rect" href="fediz.html" title="Fediz">Fediz</a></li></ul>
+
+
+<h3><a shape="rect" name="Navigation-ASF"></a><a shape="rect" class="external-link"
href="http://www.apache.org">ASF</a></h3>
+
+<ul class="alternate" type="square"><li><a shape="rect" class="external-link"
href="http://www.apache.org/foundation/how-it-works.html">How Apache Works</a></li><li><a
shape="rect" class="external-link" href="http://www.apache.org/foundation/">Foundation</a></li><li><a
shape="rect" class="external-link" href="http://www.apache.org/foundation/sponsorship.html">Sponsor
Apache</a></li><li><a shape="rect" class="external-link" href="http://www.apache.org/foundation/thanks.html">Thanks</a></li><li><a
shape="rect" class="external-link" href="http://www.apache.org/security/">Security</a></li></ul>
+</div>
+                    <!-- NavigationBar -->
+                  </div>
+              </div>
+            </div>
+          </div>
+         </td>
+         <td height="100%">
+           <!-- Content -->
+           <div class="wiki-content">
+<div id="ConfluenceContent"><h1><a shape="rect" name="FedizMetadata-FedizMetadata"></a>Fediz
Metadata</h1>
+<p>Both the Relying Party (RP) and IDP/STS (Security Token Service) can publish its
Federation metadata information in a standardized federation documentfashion as defined <a
shape="rect" class="external-link" href="http://docs.oasis-open.org/wsfed/federation/v1.2/os/ws-federation-1.2-spec-os.html#_Toc223174943"
rel="nofollow">here</a>.</p>
+
+<h3><a shape="rect" name="FedizMetadata-Introduction"></a>Introduction</h3>
+<p>This specification defines concrete service roles. The <b>ApplicationServiceType</b>
describes the capabilities of the Relying Party whereas the <b>SecurityTokenServiceType</b>
describes the capabilities of the IDP/STS.</p>
+
+<p>The following xml snippets are copied from the spec to illustrate the structure:</p>
+
+<ul><li><b>Relying Party</b></li></ul>
+
+
+<div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
+<pre class="code-xml">
+&lt;EntityDescriptor xmlns=<span class="code-quote">"urn:oasis:names:tc:SAML:2.0:metadata"</span>
+   <span class="code-keyword">xmlns:saml</span>=<span class="code-quote">"urn:oasis:names:tc:SAML:2.0:assertion"</span>
+   <span class="code-keyword">xmlns:ds</span>=<span class="code-quote">"http://www.w3.org/2000/09/xmldsig#"</span>
+   entityID=<span class="code-quote">"..."</span>&gt;
+   <span class="code-tag">&lt;ds:Signature&gt;</span>...<span class="code-tag">&lt;/ds:Signature&gt;</span>
+   &lt;RoleDescriptor xsi:type=<span class="code-quote">"fed:ApplicationServiceType"</span>
+          protocolSupportEnumeration=<span class="code-quote">"http://docs.oasis-open.org/wsfed/federation/200706"</span>
+          <span class="code-quote">"http://docs.oasis-open.org/ws-sx/ws-trust/200512"</span>&gt;
+          ...
+   <span class="code-tag">&lt;/RoleDescriptor&gt;</span>
+   ...
+<span class="code-tag">&lt;/EntityDescriptor&gt;</span>
+</pre>
+</div></div>
+
+
+<ul><li><b>IDP / STS</b></li></ul>
+
+
+<div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
+<pre class="code-xml">
+&lt;EntityDescriptor xmlns=<span class="code-quote">"urn:oasis:names:tc:SAML:2.0:metadata"</span>
+   <span class="code-keyword">xmlns:saml</span>=<span class="code-quote">"urn:oasis:names:tc:SAML:2.0:assertion"</span>
+   <span class="code-keyword">xmlns:ds</span>=<span class="code-quote">"http://www.w3.org/2000/09/xmldsig#"</span>
+   entityID=<span class="code-quote">"..."</span>&gt;
+   <span class="code-tag">&lt;ds:Signature&gt;</span>...<span class="code-tag">&lt;/ds:Signature&gt;</span>
+   &lt;RoleDescriptor xsi:type=<span class="code-quote">"fed:SecurityTokenServiceType"</span>
+          protocolSupportEnumeration=<span class="code-quote">"http://docs.oasis-open.org/wsfed/federation/200706"</span>
+          <span class="code-quote">"http://docs.oasis-open.org/ws-sx/ws-trust/200512"</span>&gt;
+          ...
+   <span class="code-tag">&lt;/RoleDescriptor&gt;</span>
+   ...
+<span class="code-tag">&lt;/EntityDescriptor&gt;</span>
+</pre>
+</div></div>
+
+<h3><a shape="rect" name="FedizMetadata-Usage"></a>Usage</h3>
+
+<p>The Federation metadata document is an easier way to configure the RP in the IDP/STS
or to configure the IDP/STS in the RP. The following two sections describe the usage of each
case.</p>
+
+<h5><a shape="rect" name="FedizMetadata-MetadatadocumentofIDP%2FSTS"></a>Metadata
document of IDP/STS</h5>
+
+<p>The federation metadata document of the IDP/STS can be used to resolve IDP/STS configuration
information at runtime or during deployment time.</p>
+
+<p><em>Example:</em> The Microsoft tool FedUtil allows to establish the
trust in the RP application to an already existing IDP/STS. You configure the URL of the published
metadata document and it generates the federation related configuration in the application
configuration file <tt>web.config</tt> thus you don't have to configure it manually.</p>
+
+<p>Fediz doesn't provide such kind of tool to generate the IDP/STS related configuration
in the <a shape="rect" href="fediz-configuration.html" title="Fediz Configuration">Fediz
configuration</a> file right now.</p>
+
+<h5><a shape="rect" name="FedizMetadata-MetadatadocumentofRP"></a>Metadata
document of RP</h5>
+
+<p>The federation metadata document of the RP can be used within the IDP/STS to resolve
configuration information at runtime. This is pretty useful as it allows to tell the IDP/STS
what claims are required by the application. If the application requires additional claims
it can be configured on the application side.</p>
+
+<p>Fediz supports publishing the Metadata document on the RP side. This document is
built at runtime based on the <a shape="rect" href="fediz-configuration.html" title="Fediz
Configuration">Fediz configuration</a>.</p>
+
+<p>The syntax of the url is:</p>
+
+<p><b><tt>https://&lt;host&gt;:&lt;port&gt;/&lt;context&gt;/FederationMetadata/2007-06/FederationMetadata.xml</tt></b></p>
+
+<p>The Fediz example applications have got the context <tt>fedizhelloworld</tt>.</p>
+
+<p>This is an example metadata document:</p>
+
+<div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
+<pre class="code-xml">
+<span class="code-tag">&lt;EntityDescriptor ID=<span class="code-quote">"_36BF9BFBF49BA48A2D13395075556522"</span>
entityID=<span class="code-quote">"https://localhost:8443/fedizhelloworld/"</span>
<span class="code-keyword">xmlns:auth</span>=<span class="code-quote">"http://docs.oasis-open.org/wsfed/federation/200706"</span>
<span class="code-keyword">xmlns:fed</span>=<span class="code-quote">"http://docs.oasis-open.org/wsfed/federation/200706"</span>
<span class="code-keyword">xmlns:wsa</span>=<span class="code-quote">"http://www.w3.org/2005/08/addressing"</span>
<span class="code-keyword">xmlns:xsi</span>=<span class="code-quote">"http://www.w3.org/2001/XMLSchema-instance"</span>&gt;</span>
+   <span class="code-tag">&lt;Signature xmlns=<span class="code-quote">"http://www.w3.org/2000/09/xmldsig#"</span>&gt;</span>
+      <span class="code-tag">&lt;SignedInfo&gt;</span>
+         <span class="code-tag">&lt;CanonicalizationMethod Algorithm=<span class="code-quote">"http://www.w3.org/TR/2001/REC-xml-c14n-20010315"</span>/&gt;</span>
+         <span class="code-tag">&lt;SignatureMethod Algorithm=<span class="code-quote">"http://www.w3.org/2000/09/xmldsig#rsa-sha1"</span>/&gt;</span>
+         <span class="code-tag">&lt;Reference URI=<span class="code-quote">"#_36BF9BFBF49BA48A2D13395075556522"</span>&gt;</span>
+            <span class="code-tag">&lt;Transforms&gt;</span>
+               <span class="code-tag">&lt;Transform Algorithm=<span class="code-quote">"http://www.w3.org/2000/09/xmldsig#enveloped-signature"</span>/&gt;</span>
+            <span class="code-tag">&lt;/Transforms&gt;</span>
+            <span class="code-tag">&lt;DigestMethod Algorithm=<span class="code-quote">"http://www.w3.org/2000/09/xmldsig#sha1"</span>/&gt;</span>
+            <span class="code-tag">&lt;DigestValue&gt;</span>GP0clMqrkm58j17R/IlG+ksITDQ=<span
class="code-tag">&lt;/DigestValue&gt;</span>
+         <span class="code-tag">&lt;/Reference&gt;</span>
+      <span class="code-tag">&lt;/SignedInfo&gt;</span>
+      <span class="code-tag">&lt;SignatureValue&gt;</span>REMOVED<span
class="code-tag">&lt;/SignatureValue&gt;</span>
+      <span class="code-tag">&lt;KeyInfo&gt;</span>
+         <span class="code-tag">&lt;X509Data&gt;</span>
+            <span class="code-tag">&lt;X509SubjectName&gt;</span>CN=localhost<span
class="code-tag">&lt;/X509SubjectName&gt;</span>
+            <span class="code-tag">&lt;X509Certificate&gt;</span>REMOVED<span
class="code-tag">&lt;/X509Certificate&gt;</span>
+         <span class="code-tag">&lt;/X509Data&gt;</span>
+      <span class="code-tag">&lt;/KeyInfo&gt;</span>
+   <span class="code-tag">&lt;/Signature&gt;</span>
+   <span class="code-tag">&lt;fed:RoleDescriptor protocolSupportEnumeration=<span
class="code-quote">"http://docs.oasis-open.org/wsfed/federation/200706"</span> xsi:type=<span
class="code-quote">"fed:ApplicationServiceType"</span>&gt;</span>
+      <span class="code-tag">&lt;fed:ApplicationServiceEndpoint&gt;</span>
+         <span class="code-tag">&lt;wsa:EndpointReference&gt;</span>
+            <span class="code-tag">&lt;wsa:Address&gt;</span>https://localhost:8443/fedizhelloworld/<span
class="code-tag">&lt;/wsa:Address&gt;</span>
+         <span class="code-tag">&lt;/wsa:EndpointReference&gt;</span>
+      <span class="code-tag">&lt;/fed:ApplicationServiceEndpoint&gt;</span>
+      <span class="code-tag">&lt;fed:TargetScope&gt;</span>
+         <span class="code-tag">&lt;wsa:EndpointReference&gt;</span>
+            <span class="code-tag">&lt;wsa:Address/&gt;</span>
+         <span class="code-tag">&lt;/wsa:EndpointReference&gt;</span>
+         <span class="code-tag">&lt;/fed:TargetScope&gt;</span>
+      <span class="code-tag">&lt;fed:ClaimTypesRequested&gt;</span>
+         <span class="code-tag">&lt;auth:ClaimType Optional=<span class="code-quote">"true"</span>
Uri=<span class="code-quote">"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/role"</span>/&gt;</span>
+      <span class="code-tag">&lt;/fed:ClaimTypesRequested&gt;</span>
+      <span class="code-tag">&lt;fed:PassiveRequestorEndpoint&gt;</span>
+         <span class="code-tag">&lt;wsa:EndpointReference&gt;</span>
+            <span class="code-tag">&lt;wsa:Address&gt;</span>https://localhost:9443/fedizidp/<span
class="code-tag">&lt;/wsa:Address&gt;</span>
+         <span class="code-tag">&lt;/wsa:EndpointReference&gt;</span>
+      <span class="code-tag">&lt;/fed:PassiveRequestorEndpoint&gt;</span>
+   <span class="code-tag">&lt;/fed:RoleDescriptor&gt;</span>
+<span class="code-tag">&lt;/EntityDescriptor&gt;</span>
+</pre>
+</div></div>
+
+
+
+</div>
+           </div>
+           <!-- Content -->
+         </td>
+        </tr>
+      </table>
+   </td>
+   <td id="cell-2-2" colspan="2">&nbsp;</td>
+  </tr>
+  <tr>
+   <td id="cell-3-0">&nbsp;</td>
+   <td id="cell-3-1">&nbsp;</td>
+   <td id="cell-3-2">
+     <div id="footer">
+       <!-- Footer -->
+       <div id="site-footer">
+         <a href="http://cxf.apache.org/privacy-policy.html">Privacy Policy</a>
- 
+         (<a href="https://cwiki.apache.org/confluence/pages/editpage.action?pageId=27849296">edit
page</a>) 
+	 (<a href="https://cwiki.apache.org/confluence/display/CXF/Fediz+Metadata?showComments=true&amp;showCommentArea=true#addcomment">add
comment</a>)<br>
+	Apache CXF, CXF, Apache, the Apache feather logo are trademarks of The Apache Software Foundation.<br>
+        All other marks mentioned may be trademarks or registered trademarks of their respective
owners.
+       </div>
+       <!-- Footer -->
+     </div>
+   </td>
+   <td id="cell-3-3">&nbsp;</td>
+   <td id="cell-3-4">&nbsp;</td>
+  </tr>
+  <tr>
+    <td id="cell-4-0" colspan="2">&nbsp;</td>
+    <td id="cell-4-1">&nbsp;</td>
+    <td id="cell-4-2" colspan="2">&nbsp;</td>
+  </tr>
+</table>
+
+<script type="text/javascript">
+var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www.");
+document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));
+</script>
+<script type="text/javascript">
+try {
+var pageTracker = _gat._getTracker("UA-4458903-1");
+pageTracker._trackPageview();
+} catch(err) {}</script>
+
+</body>
+</html>
+



Mime
View raw message