cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From build...@apache.org
Subject svn commit: r821512 - in /websites/production/cxf/content: cache/main.pageCache fediz-configuration.html fediz-metadata.html fediz-tomcat.html
Date Tue, 12 Jun 2012 21:47:52 GMT
Author: buildbot
Date: Tue Jun 12 21:47:51 2012
New Revision: 821512

Log:
Production update by buildbot for cxf

Modified:
    websites/production/cxf/content/cache/main.pageCache
    websites/production/cxf/content/fediz-configuration.html
    websites/production/cxf/content/fediz-metadata.html
    websites/production/cxf/content/fediz-tomcat.html

Modified: websites/production/cxf/content/cache/main.pageCache
==============================================================================
Binary files - no diff available.

Modified: websites/production/cxf/content/fediz-configuration.html
==============================================================================
--- websites/production/cxf/content/fediz-configuration.html (original)
+++ websites/production/cxf/content/fediz-configuration.html Tue Jun 12 21:47:51 2012
@@ -186,13 +186,13 @@ Default 5 seconds. </td></tr></tbody></t
 <h5><a shape="rect" name="FedizConfiguration-WSFederationprotocolconfigurationreference"></a>WS-Federation
protocol configuration reference </h5>
 
 <div class="table-wrap">
-<table class="confluenceTable"><tbody><tr><th colspan="1" rowspan="1"
class="confluenceTh">XML element </th><th colspan="1" rowspan="1" class="confluenceTh">Name
</th><th colspan="1" rowspan="1" class="confluenceTh">Use </th><th colspan="1"
rowspan="1" class="confluenceTh">Description</th></tr><tr><td colspan="1"
rowspan="1" class="confluenceTd"> issuer </td><td colspan="1" rowspan="1" class="confluenceTd">
Issuer URL </td><td colspan="1" rowspan="1" class="confluenceTd"> Required </td><td
colspan="1" rowspan="1" class="confluenceTd">This URL defines the location of the IDP to
whom unauthenticated requests are redirected </td></tr><tr><td colspan="1"
rowspan="1" class="confluenceTd"> realm </td><td colspan="1" rowspan="1" class="confluenceTd">
Realm </td><td colspan="1" rowspan="1" class="confluenceTd"> Optional </td><td
colspan="1" rowspan="1" class="confluenceTd"> Security realm of the Relying Party / Application.
This value is part of the SignIn request as the <tt>wtrealm
 </tt> parameter.<br clear="none">
-Default: URL including the Servlet Context </td></tr><tr><td colspan="1"
rowspan="1" class="confluenceTd"> authenticationType </td><td colspan="1" rowspan="1"
class="confluenceTd"> Authentication Type </td><td colspan="1" rowspan="1" class="confluenceTd">
Optional </td><td colspan="1" rowspan="1" class="confluenceTd"> The authentication
type defines what kind of authentication is required. This information is provided in the
SignInRequest to the IDP (parameter <tt>wauth</tt>)<br clear="none">
-The WS-Federation standard defines a list of predefined URIs for wauth <a shape="rect"
class="external-link" href="http://docs.oasis-open.org/wsfed/federation/v1.2/os/ws-federation-1.2-spec-os.html#_Toc223174997"
rel="nofollow">here</a>.</td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"> roleURI </td><td colspan="1" rowspan="1" class="confluenceTd">
Role Claim URI </td><td colspan="1" rowspan="1" class="confluenceTd"> Optional
</td><td colspan="1" rowspan="1" class="confluenceTd"> Defines the attribute name
of the SAML token which contains the roles.<br clear="none">
-Required for Role Based Access Control. </td></tr><tr><td colspan="1"
rowspan="1" class="confluenceTd"> roleDelimiter </td><td colspan="1" rowspan="1"
class="confluenceTd"> Role Value Delimiter </td><td colspan="1" rowspan="1" class="confluenceTd">
Optional </td><td colspan="1" rowspan="1" class="confluenceTd"> There are different
ways to encode multi value attributes in SAML.
+<table class="confluenceTable"><tbody><tr><th colspan="1" rowspan="1"
class="confluenceTh">XML element </th><th colspan="1" rowspan="1" class="confluenceTh">Name
</th><th colspan="1" rowspan="1" class="confluenceTh">Use </th><th colspan="1"
rowspan="1" class="confluenceTh"> Metadata </th><th colspan="1" rowspan="1" class="confluenceTh">
Description</th></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">
issuer </td><td colspan="1" rowspan="1" class="confluenceTd"> Issuer URL </td><td
colspan="1" rowspan="1" class="confluenceTd"> Required </td><td colspan="1" rowspan="1"
class="confluenceTd"> PassiveRequestorEndpoint </td><td colspan="1" rowspan="1"
class="confluenceTd">This URL defines the location of the IDP to whom unauthenticated requests
are redirected </td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">
realm </td><td colspan="1" rowspan="1" class="confluenceTd"> Realm </td><td
colspan="1" rowspan="1" class="confluenceTd"> Optional </td><td colspan="1"
  rowspan="1" class="confluenceTd"> TargetScope </td><td colspan="1" rowspan="1"
class="confluenceTd"> Security realm of the Relying Party / Application. This value is
part of the SignIn request as the <tt>wtrealm</tt> parameter.<br clear="none">
+Default: URL including the Servlet Context </td></tr><tr><td colspan="1"
rowspan="1" class="confluenceTd"> authenticationType </td><td colspan="1" rowspan="1"
class="confluenceTd"> Authentication Type </td><td colspan="1" rowspan="1" class="confluenceTd">
Optional </td><td colspan="1" rowspan="1" class="confluenceTd"> NA </td><td
colspan="1" rowspan="1" class="confluenceTd"> The authentication type defines what kind
of authentication is required. This information is provided in the SignInRequest to the IDP
(parameter <tt>wauth</tt>)<br clear="none">
+The WS-Federation standard defines a list of predefined URIs for wauth <a shape="rect"
class="external-link" href="http://docs.oasis-open.org/wsfed/federation/v1.2/os/ws-federation-1.2-spec-os.html#_Toc223174997"
rel="nofollow">here</a>.</td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"> roleURI </td><td colspan="1" rowspan="1" class="confluenceTd">
Role Claim URI </td><td colspan="1" rowspan="1" class="confluenceTd"> Optional
</td><td colspan="1" rowspan="1" class="confluenceTd"> NA </td><td colspan="1"
rowspan="1" class="confluenceTd"> Defines the attribute name of the SAML token which contains
the roles.<br clear="none">
+Required for Role Based Access Control. </td></tr><tr><td colspan="1"
rowspan="1" class="confluenceTd"> roleDelimiter </td><td colspan="1" rowspan="1"
class="confluenceTd"> Role Value Delimiter </td><td colspan="1" rowspan="1" class="confluenceTd">
Optional </td><td colspan="1" rowspan="1" class="confluenceTd"> NA </td><td
colspan="1" rowspan="1" class="confluenceTd"> There are different ways to encode multi
value attributes in SAML.
 <ul><li>Single attribute with multiple values</li><li>Several attributes
with the same name but only one value</li><li>Single attribute with single value.
Roles are delimited by <tt>roleDelimiter</tt></li></ul>
-</td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"> claimTypesRequested
</td><td colspan="1" rowspan="1" class="confluenceTd"> Requested claims </td><td
colspan="1" rowspan="1" class="confluenceTd"> Optional </td><td colspan="1" rowspan="1"
class="confluenceTd"> The claims required by the Relying Party are listed here. Claims
can be optional. If a mandatory claim can't be provided by the IDP the issuance of the token
should fail </td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">
homeRealm </td><td colspan="1" rowspan="1" class="confluenceTd"> Home Realm </td><td
colspan="1" rowspan="1" class="confluenceTd"> Optional </td><td colspan="1" rowspan="1"
class="confluenceTd"> Indicates the Resource IDP the home realm of the requestor. This
may be an URL or an identifier like urn: or uuid: and depends on the Resource IDP implementation.
This value is part of the SignIn request as the <tt>whr</tt> parameter </td></tr><tr><td
colspan="1" rowspan="1" class="co
 nfluenceTd"> tokenValidators </td><td colspan="1" rowspan="1" class="confluenceTd">
TokenValidators </td><td colspan="1" rowspan="1" class="confluenceTd"> Optional
</td><td colspan="1" rowspan="1" class="confluenceTd"> Custom Token validator
classes can be configured here. The SAML Token validator is enabled by default.<br clear="none">
-See example <a shape="rect" class="external-link" href="http://svn.apache.org/viewvc/cxf/fediz/trunk/plugins/core/src/test/java/org/apache/cxf/fediz/core/CustomValidator.java">here</a></td></tr></tbody></table>
+</td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"> claimTypesRequested
</td><td colspan="1" rowspan="1" class="confluenceTd"> Requested claims </td><td
colspan="1" rowspan="1" class="confluenceTd"> Optional </td><td colspan="1" rowspan="1"
class="confluenceTd"> ClaimTypesRequested </td><td colspan="1" rowspan="1" class="confluenceTd">
The claims required by the Relying Party are listed here. Claims can be optional. If a mandatory
claim can't be provided by the IDP the issuance of the token should fail </td></tr><tr><td
colspan="1" rowspan="1" class="confluenceTd"> homeRealm </td><td colspan="1" rowspan="1"
class="confluenceTd"> Home Realm </td><td colspan="1" rowspan="1" class="confluenceTd">
Optional </td><td colspan="1" rowspan="1" class="confluenceTd"> NA </td><td
colspan="1" rowspan="1" class="confluenceTd"> Indicates the Resource IDP the home realm
of the requestor. This may be an URL or an identifier like urn: or uuid: and depends on the
Resource IDP imple
 mentation. This value is part of the SignIn request as the <tt>whr</tt> parameter
</td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"> tokenValidators
</td><td colspan="1" rowspan="1" class="confluenceTd"> TokenValidators </td><td
colspan="1" rowspan="1" class="confluenceTd"> Optional </td><td colspan="1" rowspan="1"
class="confluenceTd"> NA </td><td colspan="1" rowspan="1" class="confluenceTd">
Custom Token validator classes can be configured here. The SAML Token validator is enabled
by default.<br clear="none">
+See example <a shape="rect" class="external-link" href="http://svn.apache.org/viewvc/cxf/fediz/trunk/plugins/core/src/test/java/org/apache/cxf/fediz/core/CustomValidator.java">here</a></td></tr><tr><td
colspan="1" rowspan="1" class="confluenceTd"> signingKey </td><td colspan="1"
rowspan="1" class="confluenceTd"> Key for Signature </td><td colspan="1" rowspan="1"
class="confluenceTd"> Optional </td><td colspan="1" rowspan="1" class="confluenceTd">
Metadata signature </td><td colspan="1" rowspan="1" class="confluenceTd"> If configured,
the published WS-Federation <a shape="rect" href="fediz-metadata.html" title="Fediz Metadata">Metadata
document</a> is signed by this key. Otherwise, not signed.</td></tr></tbody></table>
 </div>
 
 
@@ -227,6 +227,9 @@ See example <a shape="rect" class="exter
         <span class="code-tag">&lt;trustedIssuers&gt;</span>
             <span class="code-tag">&lt;issuer name=<span class="code-quote">"issuer
1"</span> certificateValidation=<span class="code-quote">"ChainTrust"</span>
subject=<span class="code-quote">".*CN=www.sts.com.*"</span> /&gt;</span>
         <span class="code-tag">&lt;/trustedIssuers&gt;</span>
+        <span class="code-tag">&lt;signingKey keyPassword=<span class="code-quote">"tompass"</span>&gt;</span>
+            <span class="code-tag">&lt;keyStore file=<span class="code-quote">"tomcatKeystore.jks"</span>
password=<span class="code-quote">"tompass"</span> type=<span class="code-quote">"JKS"</span>
/&gt;</span>
+        <span class="code-tag">&lt;/signingKey&gt;</span>
         <span class="code-tag">&lt;protocol <span class="code-keyword">xmlns:xsi</span>=<span
class="code-quote">"http://www.w3.org/2001/XMLSchema-instance"</span> xsi:type=<span
class="code-quote">"federationProtocolType"</span> version=<span class="code-quote">"1.2"</span>&gt;</span>
             <span class="code-tag">&lt;issuer&gt;</span>https://localhost:9443/fedizidp/<span
class="code-tag">&lt;/issuer&gt;</span>
             <span class="code-tag">&lt;roleDelimiter&gt;</span>,<span
class="code-tag">&lt;/roleDelimiter&gt;</span>

Modified: websites/production/cxf/content/fediz-metadata.html
==============================================================================
--- websites/production/cxf/content/fediz-metadata.html (original)
+++ websites/production/cxf/content/fediz-metadata.html Tue Jun 12 21:47:51 2012
@@ -137,7 +137,7 @@ Apache CXF -- Fediz Metadata
            <!-- Content -->
            <div class="wiki-content">
 <div id="ConfluenceContent"><h1><a shape="rect" name="FedizMetadata-FedizMetadata"></a>Fediz
Metadata</h1>
-<p>Both the Relying Party (RP) and IDP/STS (Security Token Service) can publish its
Federation metadata information in a standardized federation documentfashion as defined <a
shape="rect" class="external-link" href="http://docs.oasis-open.org/wsfed/federation/v1.2/os/ws-federation-1.2-spec-os.html#_Toc223174943"
rel="nofollow">here</a>.</p>
+<p>Both the Relying Party (RP) and IDP/STS (Security Token Service) can publish its
Federation information in the standardized federation metadata document as defined <a shape="rect"
class="external-link" href="http://docs.oasis-open.org/wsfed/federation/v1.2/os/ws-federation-1.2-spec-os.html#_Toc223174943"
rel="nofollow">here</a>.</p>
 
 <h3><a shape="rect" name="FedizMetadata-Introduction"></a>Introduction</h3>
 <p>This specification defines concrete service roles. The <b>ApplicationServiceType</b>
describes the capabilities of the Relying Party whereas the <b>SecurityTokenServiceType</b>
describes the capabilities of the IDP/STS.</p>

Modified: websites/production/cxf/content/fediz-tomcat.html
==============================================================================
--- websites/production/cxf/content/fediz-tomcat.html (original)
+++ websites/production/cxf/content/fediz-tomcat.html Tue Jun 12 21:47:51 2012
@@ -226,6 +226,10 @@ add the previously created directory to 
 
 <p>Deploy your Web Application to your Tomcat installation (&lt;catalina.home&gt;/webapps).</p>
 
+<h3><a shape="rect" name="FedizTomcat-FederationMetadatadocument"></a>Federation
Metadata document</h3>
+
+<p>The Tomcat Fediz plugin supports publishing the WS-Federation Metadata document
which is described <a shape="rect" href="fediz-metadata.html" title="Fediz Metadata">here</a>.</p>
+
 
 </div>
            </div>



Mime
View raw message