cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From build...@apache.org
Subject svn commit: r853463 - in /websites/production/cxf/content: cache/main.pageCache fediz-spring.html
Date Thu, 07 Mar 2013 11:48:09 GMT
Author: buildbot
Date: Thu Mar  7 11:48:09 2013
New Revision: 853463

Log:
Production update by buildbot for cxf

Added:
    websites/production/cxf/content/fediz-spring.html
Modified:
    websites/production/cxf/content/cache/main.pageCache

Modified: websites/production/cxf/content/cache/main.pageCache
==============================================================================
Binary files - no diff available.

Added: websites/production/cxf/content/fediz-spring.html
==============================================================================
--- websites/production/cxf/content/fediz-spring.html (added)
+++ websites/production/cxf/content/fediz-spring.html Thu Mar  7 11:48:09 2013
@@ -0,0 +1,279 @@
+
+<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<!--
+
+    Licensed to the Apache Software Foundation (ASF) under one or more
+    contributor license agreements.  See the NOTICE file distributed with
+    this work for additional information regarding copyright ownership.
+    The ASF licenses this file to You under the Apache License, Version 2.0
+    (the "License"); you may not use this file except in compliance with
+    the License.  You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+    Unless required by applicable law or agreed to in writing, software
+    distributed under the License is distributed on an "AS IS" BASIS,
+    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+    See the License for the specific language governing permissions and
+    limitations under the License.
+-->
+<html>
+  <head>
+    <link type="text/css" rel="stylesheet" href="http://cxf.apache.org/resources/site.css">
+    <script src="http://cxf.apache.org/resources/space.js" type="text/javascript"></script>
+    
+<meta http-equiv="Content-type" content="text/html;charset=UTF-8">
+<meta name="keywords" content="business integration, EAI, SOA, Service Oriented Architecture,
web services, SOAP, JBI, JMS, WSDL, XML, EDI, Electronic Data Interchange, standards support,
integration standards, application integration, middleware, software, solutions, services,
CXF, open source">
+<meta name="description" content="Apache CXF, Services Framework - Fediz Spring">
+    <title>
+Apache CXF -- Fediz Spring
+    </title>
+  </head>
+<body onload="init()">
+
+
+<table width="100%" cellpadding="0" cellspacing="0">
+  <tr>
+    <td id="cell-0-0" colspan="2">&nbsp;</td>
+    <td id="cell-0-1">&nbsp;</td>
+    <td id="cell-0-2" colspan="2">&nbsp;</td>
+  </tr>
+  <tr>
+    <td id="cell-1-0">&nbsp;</td>
+    <td id="cell-1-1">&nbsp;</td>
+    <td id="cell-1-2">
+      <div style="padding: 5px;">
+        <div id="banner">
+          <!-- Banner -->
+<div id="banner-content">
+<table border="0" cellpadding="0" cellspacing="0" width="100%"><tr><td align="left"
colspan="1" nowrap>
+<a shape="rect" href="http://cxf.apache.org/" title="Apache CXF"><span style="font-weight:
bold; font-size: 170%; color: white">Apache CXF</span></a>
+</td><td align="right" colspan="1" nowrap>
+<a shape="rect" href="http://www.apache.org/" title="The Apache Software Foundation"><img
border="0" alt="ASF Logo" src="http://cxf.apache.org/images/asf-logo.png"></a>
+</td></tr></table>
+</div>
+          <!-- Banner -->
+        </div>
+      </div>
+      <div id="top-menu">
+        <table border="0" cellpadding="1" cellspacing="0" width="100%">
+          <tr>
+            <td>
+              <div align="left">
+                <!-- Breadcrumbs -->
+<a href="index.html">Index</a>&nbsp;&gt;&nbsp;<a href="fediz.html">Fediz</a>&nbsp;&gt;&nbsp;<a
href="fediz-spring.html">Fediz Spring</a>
+                <!-- Breadcrumbs -->
+              </div>
+            </td>
+            <td>
+              <div align="right">
+                <!-- Quicklinks -->
+<div id="quicklinks"><p><a shape="rect" href="download.html" title="Download">Download</a>
| <a shape="rect" href="http://cxf.apache.org/docs/index.html">Documentation</a></p></div>
+                <!-- Quicklinks -->
+              </div>
+            </td>
+          </tr>
+        </table>
+      </div>
+    </td>
+    <td id="cell-1-3">&nbsp;</td>
+    <td id="cell-1-4">&nbsp;</td>
+  </tr>
+  <tr>
+    <td id="cell-2-0" colspan="2">&nbsp;</td>
+    <td id="cell-2-1">
+      <table>
+        <tr valign="top">
+          <td height="100%">
+            <div id="wrapper-menu-page-right">
+              <div id="wrapper-menu-page-top">
+                <div id="wrapper-menu-page-bottom">
+                  <div id="menu-page">
+                    <!-- NavigationBar -->
+<div id="navigation"><h3><a shape="rect" name="Navigation-ApacheCXFIndex"></a><a
shape="rect" href="index.html" title="Index">Apache CXF</a></h3>
+
+<ul class="alternate" type="square"><li><a shape="rect" href="index.html"
title="Index">Home</a></li><li><a shape="rect" href="download.html"
title="Download">Download</a></li><li><a shape="rect" href="people.html"
title="People">People</a></li><li><a shape="rect" href="project-status.html"
title="Project Status">Project Status</a></li><li><a shape="rect"
href="roadmap.html" title="Roadmap">Roadmap</a></li><li><a shape="rect"
href="mailing-lists.html" title="Mailing Lists">Mailing Lists</a></li><li><a
shape="rect" class="external-link" href="http://issues.apache.org/jira/browse/CXF">Issue
Reporting</a></li><li><a shape="rect" href="special-thanks.html" title="Special
Thanks">Special Thanks</a></li><li><a shape="rect" class="external-link"
href="http://www.apache.org/licenses/">License</a></li><li><a shape="rect"
href="security-advisories.html" title="Security Advisories">Security Advisories</a></li></ul>
+
+
+<h3><a shape="rect" name="Navigation-Users"></a>Users</h3>
+
+<ul class="alternate" type="square"><li><a shape="rect" href="http://cxf.apache.org/docs/index.html">User's
Guide</a></li><li><a shape="rect" href="support.html" title="Support">Support</a></li><li><a
shape="rect" href="faq.html" title="FAQ">FAQ</a></li><li><a shape="rect"
href="resources-and-articles.html" title="Resources and Articles">Resources and Articles</a></li></ul>
+
+
+<h3><a shape="rect" name="Navigation-Search"></a>Search</h3>
+
+<form enctype="application/x-www-form-urlencoded" method="get" id="cse-search-box" action="http://www.google.com/cse">
+  <div>
+    <input type="hidden" name="cx" value="002890367768291051730:o99qiwa09y4">
+    <input type="hidden" name="ie" value="UTF-8">
+    <input type="text" name="q" size="21">
+    <input type="submit" name="sa" value="Search">
+  </div>
+</form>
+<script type="text/javascript" src="http://www.google.com/cse/brand?form=cse-search-box&amp;lang=en"></script>
+
+
+<h3><a shape="rect" name="Navigation-Developers"></a>Developers</h3>
+
+<ul class="alternate" type="square"><li><a shape="rect" href="http://cxf.apache.org/docs/cxf-architecture.html">Architecture
Guide</a></li><li><a shape="rect" href="source-repository.html" title="Source
Repository">Source Repository</a></li><li><a shape="rect" href="building.html"
title="Building">Building</a></li><li><a shape="rect" href="automated-builds.html"
title="Automated Builds">Automated Builds</a></li><li><a shape="rect"
href="testing-debugging.html" title="Testing-Debugging">Testing-Debugging</a></li><li><a
shape="rect" href="coding-guidelines.html" title="Coding Guidelines">Coding Guidelines</a></li><li><a
shape="rect" href="getting-involved.html" title="Getting Involved">Getting Involved</a></li><li><a
shape="rect" href="release-management.html" title="Release Management">Release Management</a></li></ul>
+
+
+<h3><a shape="rect" name="Navigation-Subprojects"></a>Subprojects</h3>
+
+<ul class="alternate" type="square"><li><a shape="rect" href="distributed-osgi.html"
title="Distributed OSGi">Distributed OSGi</a></li><li><a shape="rect"
href="xjc-utils.html" title="XJC Utils">XJC Utils</a></li><li><a shape="rect"
href="build-utils.html" title="Build Utils">Build Utils</a></li><li><a
shape="rect" href="fediz.html" title="Fediz">Fediz</a></li></ul>
+
+
+<h3><a shape="rect" name="Navigation-ASF"></a><a shape="rect" class="external-link"
href="http://www.apache.org">ASF</a></h3>
+
+<ul class="alternate" type="square"><li><a shape="rect" class="external-link"
href="http://www.apache.org/foundation/how-it-works.html">How Apache Works</a></li><li><a
shape="rect" class="external-link" href="http://www.apache.org/foundation/">Foundation</a></li><li><a
shape="rect" class="external-link" href="http://www.apache.org/foundation/sponsorship.html">Sponsor
Apache</a></li><li><a shape="rect" class="external-link" href="http://www.apache.org/foundation/thanks.html">Thanks</a></li><li><a
shape="rect" class="external-link" href="http://www.apache.org/security/">Security</a></li></ul>
+</div>
+                    <!-- NavigationBar -->
+                  </div>
+              </div>
+            </div>
+          </div>
+         </td>
+         <td height="100%">
+           <!-- Content -->
+           <div class="wiki-content">
+<div id="ConfluenceContent"><h1><a shape="rect" name="FedizSpring-SpringSecurityPlugin%281.1SNAPSHOT%29"></a>Spring
Security Plugin (1.1 SNAPSHOT)</h1>
+
+<p>This page describes how to enable Federation for a Spring Security based Web Application.
Spring Security provide more authorization capabilities than defined in the Java Servlet specification.
Beyond authorizing web requests Spring Security supports authorizing whether methods can be
invoked and authorizing access to individual domain object instances. Further, Spring Security
supports two deployment options.</p>
+
+
+
+
+
+<p>This configuration is not for a separate Tomcat instance hosting the Fediz IDP and
IDP STS WARs, or hosts for third-party applications that use Fediz STS-generated SAML assertions
for authentication.  After this configuration is done, the Jetty-RP instance will validate
the incoming SignInResponse created by the IDP server.</p>
+
+<p>Prior to doing this configuration, make sure you've first deployed the Fediz IDP
and STS on the Tomcat IDP instance as discussed <a shape="rect" href="fediz-idp.html" title="Fediz
IDP">here</a>, and can view the STS WSDL at the URL given on that page.  That page
also provides some tips for running multiple Tomcat instances on your machine.</p>
+
+
+<h3><a shape="rect" name="FedizSpring-Installation"></a>Installation</h3>
+
+<p>You can either build the Fediz plugin on your own or download the package <a
shape="rect" href="fediz-downloads.html" title="Fediz Downloads">here</a>. If you
have built the plugin on your own you'll find the required libraries in <tt>plugins/jetty/target/...zip-with-dependencies.zip</tt></p>
+
+<ol><li>Create sub-directory <tt>fediz</tt> in <tt>${jetty.home}/lib/fediz</tt></li><li>Update
start.ini in ${jetty.home}/start.ini by adding <tt>fediz</tt> to the OPTIONS
+<div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
+<pre class="code-java">
+OPTIONS=Server,fediz
+</pre>
+</div></div></li><li>Deploy the libraries to the directory created
in (1)</li></ol>
+
+
+
+<h3><a shape="rect" name="FedizSpring-Configuration"></a>Configuration</h3>
+
+<h5><a shape="rect" name="FedizSpring-HTTPSconfiguration"></a>HTTPS configuration</h5>
+
+<p>It's recommended to set up a dedicated (separate) Jetty instance for the Relying
Party. The Fediz RP web applications use the following TCP ports:</p>
+<ul><li>HTTP port: 8080</li><li>HTTPS port: 8443 (where IDP and STS
are accessed)</li></ul>
+
+
+<p>These are the default ports for a standard Jetty installation.</p>
+
+<p>The Relying Party must be accessed over HTTPS to protect the security tokens issued
by the IDP.</p>
+
+<p>The Jetty HTTP(s) configuration is done in etc/jetty-ssl.xml.</p>
+
+<p>The configuration is described in detail <a shape="rect" class="external-link"
href="http://wiki.eclipse.org/Jetty/Howto/Configure_SSL" rel="nofollow">here</a></p>
+
+<p>This page also describes how to create certificates.  Sample Jetty keystores (not
for production use, but useful for demoing Fediz and running the sample applications) are
provided in the examples/samplekeys folder of the Fediz distribution.  Note the Jetty keystore
here is different from the one used to configure the Tomcat-IDP instance.</p>
+
+<p>To establish trust, there are significant keystore/truststore requirements between
the Servlet Container instances and the various web applications (IDP, STS, Relying party
applications, third party web services, etc.)  See <a shape="rect" class="external-link"
href="http://svn.apache.org/viewvc/cxf/fediz/trunk/examples/samplekeys/HowToGenerateKeysREADME.html?view=co">this
page</a> for more details, it lists the trust requirements as well as sample scripts
for creating your own (self-signed) keys.</p>
+
+<p><b>Warning:  All sample keystores provided with Fediz (including in the WAR
files for its services and examples) are for development/prototyping use only.  They'll need
to be replaced for production use, at a minimum with your own self-signed keys but strongly
recommended to use third-party signed keys.</b></p>
+
+<p>If you are currently just trying to run the Fediz samples, the configuration above
is all you need (the below configuration is already provided within the samples) so you can
return now to the samples' READMEs for the next steps in running them.</p>
+
+
+<h5><a shape="rect" name="FedizSpring-FedizPluginconfigurationforYourWebApplication"></a>Fediz
Plugin configuration for Your Web Application</h5>
+
+<p>The Fediz related configuration is done in a Servlet Container independent configuration
file which is described <a shape="rect" href="fediz-configuration.html" title="Fediz Configuration">here</a>.</p>
+
+<p>The Fediz plugin requires configuring the FederationAuthenticator like any other
authenticator in Jetty. Detailed information about the Authenticators and SecurityHandler
is available <a shape="rect" class="external-link" href="http://wiki.eclipse.org/Jetty/Tutorial/Realms"
rel="nofollow">here</a>.</p>
+
+<p>The Fediz configuration file allows to configure all servlet contexts in one file
or choosing one file per Servlet Context.</p>
+
+<p>You can configure the context in context configuration file located in &lt;jetty.home&gt;/contexts.</p>
+
+<h6><a shape="rect" name="FedizSpring-fedizhelloworld.xml"></a>fedizhelloworld.xml</h6>
+<p>Hint: file name must be equal to war file name</p>
+
+<div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
+<pre class="code-xml"> 
+  <span class="code-tag">&lt;Get name=<span class="code-quote">"securityHandler"</span>&gt;</span>
+    <span class="code-tag">&lt;Set name=<span class="code-quote">"loginService"</span>&gt;</span>
+      <span class="code-tag">&lt;New class=<span class="code-quote">"org.apache.cxf.fediz.jetty.FederationLoginService"</span>&gt;</span>
+        <span class="code-tag">&lt;Set name=<span class="code-quote">"name"</span>&gt;</span>WSFED<span
class="code-tag">&lt;/Set&gt;</span>
+      <span class="code-tag">&lt;/New&gt;</span>
+    <span class="code-tag">&lt;/Set&gt;</span>
+    <span class="code-tag">&lt;Set name=<span class="code-quote">"authenticator"</span>&gt;</span>
+      <span class="code-tag">&lt;New class=<span class="code-quote">"org.apache.cxf.fediz.jetty.FederationAuthenticator"</span>&gt;</span>
+        <span class="code-tag">&lt;Set name=<span class="code-quote">"configFile"</span>&gt;</span><span
class="code-tag">&lt;SystemProperty name=<span class="code-quote">"jetty.home"</span>
default=<span class="code-quote">"."</span>/&gt;</span>/etc/fediz_config.xml<span
class="code-tag">&lt;/Set&gt;</span>
+      <span class="code-tag">&lt;/New&gt;</span>
+    <span class="code-tag">&lt;/Set&gt;</span>
+  <span class="code-tag">&lt;/Get&gt;</span>
+</pre>
+</div></div>
+
+
+<p>The Fediz configuration file is a Servlet container independent configuration file
and described <a shape="rect" href="fediz-configuration.html" title="Fediz Configuration">here</a></p>
+
+<h3><a shape="rect" name="FedizSpring-WebApplicationdeployment"></a>Web
Application deployment</h3>
+
+<p>Deploy your Web Application to your Jetty installation (&lt;jetty.home&gt;/webapps).
 If you're running the Fediz examples, their README files will have instructions on how to
do this.</p>
+
+<h3><a shape="rect" name="FedizSpring-FederationMetadatadocument"></a>Federation
Metadata document</h3>
+
+<p>The Jetty Fediz plugin supports publishing the WS-Federation Metadata document which
is described <a shape="rect" href="fediz-metadata.html" title="Fediz Metadata">here</a>.</p>
+
+
+</div>
+           </div>
+           <!-- Content -->
+         </td>
+        </tr>
+      </table>
+   </td>
+   <td id="cell-2-2" colspan="2">&nbsp;</td>
+  </tr>
+  <tr>
+   <td id="cell-3-0">&nbsp;</td>
+   <td id="cell-3-1">&nbsp;</td>
+   <td id="cell-3-2">
+     <div id="footer">
+       <!-- Footer -->
+       <div id="site-footer">
+         <a href="http://cxf.apache.org/privacy-policy.html">Privacy Policy</a>
- 
+         (<a href="https://cwiki.apache.org/confluence/pages/editpage.action?pageId=30756705">edit
page</a>) 
+	 (<a href="https://cwiki.apache.org/confluence/pages/viewpage.action?pageId=30756705&amp;showComments=true&amp;showCommentArea=true#addcomment">add
comment</a>)<br>
+	Apache CXF, CXF, Apache, the Apache feather logo are trademarks of The Apache Software Foundation.<br>
+        All other marks mentioned may be trademarks or registered trademarks of their respective
owners.
+       </div>
+       <!-- Footer -->
+     </div>
+   </td>
+   <td id="cell-3-3">&nbsp;</td>
+   <td id="cell-3-4">&nbsp;</td>
+  </tr>
+  <tr>
+    <td id="cell-4-0" colspan="2">&nbsp;</td>
+    <td id="cell-4-1">&nbsp;</td>
+    <td id="cell-4-2" colspan="2">&nbsp;</td>
+  </tr>
+</table>
+
+<script type="text/javascript">
+var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www.");
+document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));
+</script>
+<script type="text/javascript">
+try {
+var pageTracker = _gat._getTracker("UA-4458903-1");
+pageTracker._trackPageview();
+} catch(err) {}</script>
+
+</body>
+</html>
+



Mime
View raw message