Return-Path: X-Original-To: apmail-cxf-commits-archive@www.apache.org Delivered-To: apmail-cxf-commits-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 18D2ED3D0 for ; Mon, 9 Jul 2012 13:48:11 +0000 (UTC) Received: (qmail 56496 invoked by uid 500); 9 Jul 2012 13:48:10 -0000 Delivered-To: apmail-cxf-commits-archive@cxf.apache.org Received: (qmail 56432 invoked by uid 500); 9 Jul 2012 13:48:09 -0000 Mailing-List: contact commits-help@cxf.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@cxf.apache.org Delivered-To: mailing list commits@cxf.apache.org Received: (qmail 56409 invoked by uid 99); 9 Jul 2012 13:48:09 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 09 Jul 2012 13:48:09 +0000 X-ASF-Spam-Status: No, hits=-2000.0 required=5.0 tests=ALL_TRUSTED,LOTTO_AGENT X-Spam-Check-By: apache.org Received: from [140.211.11.4] (HELO eris.apache.org) (140.211.11.4) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 09 Jul 2012 13:48:08 +0000 Received: from eris.apache.org (localhost [127.0.0.1]) by eris.apache.org (Postfix) with ESMTP id AE69923888FD for ; Mon, 9 Jul 2012 13:47:48 +0000 (UTC) Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: svn commit: r825130 - in /websites/production/cxf/content: cache/main.pageCache fediz-idp.html Date: Mon, 09 Jul 2012 13:47:48 -0000 To: commits@cxf.apache.org From: buildbot@apache.org X-Mailer: svnmailer-1.0.8-patched Message-Id: <20120709134748.AE69923888FD@eris.apache.org> X-Virus-Checked: Checked by ClamAV on apache.org Author: buildbot Date: Mon Jul 9 13:47:48 2012 New Revision: 825130 Log: Production update by buildbot for cxf Modified: websites/production/cxf/content/cache/main.pageCache websites/production/cxf/content/fediz-idp.html Modified: websites/production/cxf/content/cache/main.pageCache ============================================================================== Binary files - no diff available. Modified: websites/production/cxf/content/fediz-idp.html ============================================================================== --- websites/production/cxf/content/fediz-idp.html (original) +++ websites/production/cxf/content/fediz-idp.html Mon Jul 9 13:47:48 2012 @@ -337,7 +337,7 @@ export JAVA_OPTS

When a STS client (IDP) requests a claim, the ClaimsManager in the STS checks every registered ClaimsHandler who can provide the data of the requested claim. The CXF STS provides org.apache.cxf.sts.claims.LdapClaimsHandler which is a claims handler implementation to get claims from user attributes in a LDAP directory.

You configure which claim URI maps to which LDAP user attribute. The implementation uses the Spring Ldap Module (LdapTemplate).

The following example illustrate the changes to be made in webapps/fediz-idp-sts/WEB-INF/cxf-transport.xml:

@@ -384,6 +384,14 @@ value="c" +

You must deploy the library for the spring ldap module and its dependencies. The POM of the spring ldap module is available here.

+ +

You can add the dependency to spring ldap module to the Fediz STS POM, add the above configuration and rebuild the STS component or do the configuration in the deployed STS directly and add the following JAR files:

+ +

lang-2.1.0.jar
ldapbp-1.0.jar
spring-ldap-1.2.jar

+ + +

Configure CA certificates

tbd