From owu...@apache.org
Subject svn commit: r1462277 [1/2] - in /cxf/fediz/trunk: ./ examples/simpleWebapp/src/main/config/ examples/simpleWebapp/src/main/resources/ examples/springWebapp/src/main/config/ examples/wsclientWebapp/webapp/ examples/wsclientWebapp/webapp/src/main/config/...
Date Thu, 28 Mar 2013 19:53:37 GMT
Author: owulff
Date: Thu Mar 28 19:53:35 2013
New Revision: 1462277

URL: http://svn.apache.org/r1462277
Log:
Merge branch 'springidp' into trunk

Added:
    cxf/fediz/trunk/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/UsernamePasswordCredentials.java
    cxf/fediz/trunk/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/
    cxf/fediz/trunk/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/DecodeAuthorizationHeaderAction.java
    cxf/fediz/trunk/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/InitialFlowSetupAction.java
    cxf/fediz/trunk/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/LogoutAction.java
    cxf/fediz/trunk/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/STSClientAction.java
    cxf/fediz/trunk/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/WfreshParser.java
    cxf/fediz/trunk/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/util/
    cxf/fediz/trunk/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/util/WebUtils.java
    cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/federation-webflow.xml
    cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/genericerror.jsp
    cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/idp-servlet.xml
    cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/signinresponseform.jsp
    cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/signoutresponse.jsp
    cxf/fediz/trunk/systests/jetty8/src/test/webapps/
    cxf/fediz/trunk/systests/jetty8/src/test/webapps/fediz-idp/
    cxf/fediz/trunk/systests/jetty8/src/test/webapps/fediz-idp/WEB-INF/
    cxf/fediz/trunk/systests/jetty8/src/test/webapps/fediz-idp/WEB-INF/idp-servlet.xml
    cxf/fediz/trunk/systests/tomcat7/src/test/webapps/
    cxf/fediz/trunk/systests/tomcat7/src/test/webapps/fediz-idp/
    cxf/fediz/trunk/systests/tomcat7/src/test/webapps/fediz-idp/WEB-INF/
    cxf/fediz/trunk/systests/tomcat7/src/test/webapps/fediz-idp/WEB-INF/idp-servlet.xml
Modified:
    cxf/fediz/trunk/.gitignore
    cxf/fediz/trunk/examples/simpleWebapp/src/main/config/fediz_config.xml
    cxf/fediz/trunk/examples/simpleWebapp/src/main/resources/log4j.properties
    cxf/fediz/trunk/examples/simpleWebapp/src/main/resources/logging.properties
    cxf/fediz/trunk/examples/springWebapp/src/main/config/fediz_config.xml
    cxf/fediz/trunk/examples/wsclientWebapp/webapp/pom.xml
    cxf/fediz/trunk/examples/wsclientWebapp/webapp/src/main/config/fediz_config.xml
    cxf/fediz/trunk/examples/wsclientWebapp/webapp/src/main/resources/logging.properties
    cxf/fediz/trunk/examples/wsclientWebapp/webapp/src/main/webapp/WEB-INF/web.xml
    cxf/fediz/trunk/pom.xml
    cxf/fediz/trunk/services/idp/pom.xml
    cxf/fediz/trunk/services/idp/src/main/resources/log4j.properties
    cxf/fediz/trunk/services/idp/src/main/resources/logging.properties
    cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/applicationContext.xml
    cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/signinform.jsp
    cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/web.xml
    cxf/fediz/trunk/services/sts/pom.xml
    cxf/fediz/trunk/services/sts/src/main/resources/log4j.properties
    cxf/fediz/trunk/services/sts/src/main/resources/logging.properties
    cxf/fediz/trunk/services/sts/src/main/webapp/WEB-INF/cxf-transport.xml
    cxf/fediz/trunk/systests/jetty8/pom.xml
    cxf/fediz/trunk/systests/jetty8/src/test/java/org/apache/cxf/fediz/integrationtests/JettyPreAuthSpringTest.java
    cxf/fediz/trunk/systests/jetty8/src/test/java/org/apache/cxf/fediz/integrationtests/JettyTest.java
    cxf/fediz/trunk/systests/jetty8/src/test/java/org/apache/cxf/fediz/integrationtests/JettyUtils.java
    cxf/fediz/trunk/systests/jetty8/src/test/resources/fediz_config.xml
    cxf/fediz/trunk/systests/jetty8/src/test/resources/idp-server.xml
    cxf/fediz/trunk/systests/jetty8/src/test/resources/rp-server.xml
    cxf/fediz/trunk/systests/spring/src/test/resources/fediz_config.xml
    cxf/fediz/trunk/systests/spring/src/test/resources/idp-server.xml
    cxf/fediz/trunk/systests/tests/src/test/java/org/apache/cxf/fediz/integrationtests/AbstractTests.java
    cxf/fediz/trunk/systests/tomcat7/pom.xml
    cxf/fediz/trunk/systests/tomcat7/src/test/java/org/apache/cxf/fediz/integrationtests/TomcatTest.java
    cxf/fediz/trunk/systests/tomcat7/src/test/resources/fediz_config.xml

Modified: cxf/fediz/trunk/.gitignore
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/.gitignore?rev=1462277&r1=1462276&r2=1462277&view=diff
==============================================================================
--- cxf/fediz/trunk/.gitignore (original)
+++ cxf/fediz/trunk/.gitignore Thu Mar 28 19:53:35 2013
@@ -8,6 +8,8 @@
 .project
 .ruleset
 .settings/
+.svn/
 target/
 velocity.log
+.externalToolBuilders/
 

Modified: cxf/fediz/trunk/examples/simpleWebapp/src/main/config/fediz_config.xml
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/examples/simpleWebapp/src/main/config/fediz_config.xml?rev=1462277&r1=1462276&r2=1462277&view=diff
==============================================================================
--- cxf/fediz/trunk/examples/simpleWebapp/src/main/config/fediz_config.xml (original)
+++ cxf/fediz/trunk/examples/simpleWebapp/src/main/config/fediz_config.xml Thu Mar 28 19:53:35 2013
@@ -21,11 +21,11 @@
 		<protocol xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
 			xsi:type="federationProtocolType" version="1.0.0">
 			<realm>urn:org:apache:cxf:fediz:fedizhelloworld</realm>
-			<issuer>https://localhost:9443/fediz-idp/</issuer>
+			<issuer>https://localhost:9443/fediz-idp/federation</issuer>
 			<roleDelimiter>,</roleDelimiter>
 			<roleURI>http://schemas.xmlsoap.org/ws/2005/05/identity/claims/role</roleURI>
 			<!--<authenticationType type="String">some auth type</authenticationType>-->
-			<!--<homeRealm type="Class">org.apache.fediz.realm.MyHomeRealm</homeRealm>-->
+            <homeRealm type="Class">org.apache.cxf.fediz.example.HomeRealmCallbackHandler</homeRealm>
 			<!--<freshness>0</freshness>-->
 			<!--<reply>reply value</reply>-->
 			<!--<request>REQUEST</request>-->

Modified: cxf/fediz/trunk/examples/simpleWebapp/src/main/resources/log4j.properties
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/examples/simpleWebapp/src/main/resources/log4j.properties?rev=1462277&r1=1462276&r2=1462277&view=diff
==============================================================================
--- cxf/fediz/trunk/examples/simpleWebapp/src/main/resources/log4j.properties (original)
+++ cxf/fediz/trunk/examples/simpleWebapp/src/main/resources/log4j.properties Thu Mar 28 19:53:35 2013
@@ -1,6 +1,6 @@
 # Set root category priority to INFO and its only appender to CONSOLE.
-log4j.rootCategory=FATAL, CONSOLE
-#log4j.rootCategory=DEBUG, CONSOLE
+#log4j.rootCategory=FATAL, CONSOLE
+log4j.rootCategory=DEBUG, CONSOLE
 
 # CONSOLE is set to be a ConsoleAppender using a PatternLayout.
 log4j.appender.CONSOLE=org.apache.log4j.ConsoleAppender
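Review bot: The active line is now `log4j.rootCategory=DEBUG, CONSOLE`, while the comment directly above still says the root category is set to INFO and the previous setting was FATAL. This example application processes federation sign-in responses, so debug-level output may include request and token details; the change looks like a development setting carried in by the merge. Consider keeping `log4j.rootCategory=FATAL, CONSOLE` active and leaving the DEBUG line as the commented alternative, or update the comment if DEBUG is intended.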

Modified: cxf/fediz/trunk/examples/simpleWebapp/src/main/resources/logging.properties
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/examples/simpleWebapp/src/main/resources/logging.properties?rev=1462277&r1=1462276&r2=1462277&view=diff
==============================================================================
--- cxf/fediz/trunk/examples/simpleWebapp/src/main/resources/logging.properties (original)
+++ cxf/fediz/trunk/examples/simpleWebapp/src/main/resources/logging.properties Thu Mar 28 19:53:35 2013
@@ -38,9 +38,9 @@ java.util.logging.FileHandler.count = 1
 java.util.logging.FileHandler.formatter = java.util.logging.XMLFormatter
 
 # Limit the message that are printed on the console to WARNING and above.
-java.util.logging.ConsoleHandler.level = INFO
+java.util.logging.ConsoleHandler.level = FINEST
 java.util.logging.ConsoleHandler.formatter = java.util.logging.SimpleFormatter
-
+java.util.logging.SimpleFormatter.format="HEL %1$tc %2$s%n%4$s: %5$s%6$s%n"
 
 ############################################################
 # Facility specific properties.
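Review bot: The added `java.util.logging.SimpleFormatter.format="HEL %1$tc ..."` value is wrapped in double quotes, and properties files do not strip quotes, so they would most likely end up in every formatted record; the `HEL ` prefix also reads like a leftover debugging marker. The same hunk raises `java.util.logging.ConsoleHandler.level` to FINEST although the comment above it still says the console is limited to WARNING and above, and the following hunk adds `org.apache.cxf.fediz.level = FINE`. The identical changes are repeated in examples/wsclientWebapp/webapp/src/main/resources/logging.properties. Suggest dropping the quotes and the prefix, and keeping the console handler at INFO unless verbose logging is really meant to ship with the examples.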
@@ -50,3 +50,4 @@ java.util.logging.ConsoleHandler.formatt
 # For example, set the com.xyz.foo logger to only log SEVERE
 # messages:
 #com.xyz.foo.level = SEVERE
+org.apache.cxf.fediz.level = FINE
\ No newline at end of file

Modified: cxf/fediz/trunk/examples/springWebapp/src/main/config/fediz_config.xml
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/examples/springWebapp/src/main/config/fediz_config.xml?rev=1462277&r1=1462276&r2=1462277&view=diff
==============================================================================
--- cxf/fediz/trunk/examples/springWebapp/src/main/config/fediz_config.xml (original)
+++ cxf/fediz/trunk/examples/springWebapp/src/main/config/fediz_config.xml Thu Mar 28 19:53:35 2013
@@ -21,11 +21,11 @@
 		<protocol xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
 			xsi:type="federationProtocolType" version="1.0.0">
 			<realm>urn:org:apache:cxf:fediz:fedizhelloworld</realm>
-			<issuer>https://localhost:9443/fediz-idp/</issuer>
+			<issuer>https://localhost:9443/fediz-idp/federation</issuer>
 			<roleDelimiter>,</roleDelimiter>
 			<roleURI>http://schemas.xmlsoap.org/ws/2005/05/identity/claims/role</roleURI>
 			<!--<authenticationType type="String">some auth type</authenticationType>-->
-			<!--<homeRealm type="Class">org.apache.fediz.realm.MyHomeRealm</homeRealm>-->
+            <homeRealm type="Class">org.apache.cxf.fediz.example.HomeRealmCallbackHandler</homeRealm>
 			<!--<freshness>0</freshness>-->
 			<!--<reply>reply value</reply>-->
 			<!--<request>REQUEST</request>-->

Modified: cxf/fediz/trunk/examples/wsclientWebapp/webapp/pom.xml
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/examples/wsclientWebapp/webapp/pom.xml?rev=1462277&r1=1462276&r2=1462277&view=diff
==============================================================================
--- cxf/fediz/trunk/examples/wsclientWebapp/webapp/pom.xml (original)
+++ cxf/fediz/trunk/examples/wsclientWebapp/webapp/pom.xml Thu Mar 28 19:53:35 2013
@@ -121,7 +121,7 @@
             <groupId>org.slf4j</groupId>
             <artifactId>slf4j-api</artifactId>
             <version>${slf4j.version}</version>
-            <scope>compile</scope>
+            <scope>provided</scope>
         </dependency>
     </dependencies>
 

Modified: cxf/fediz/trunk/examples/wsclientWebapp/webapp/src/main/config/fediz_config.xml
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/examples/wsclientWebapp/webapp/src/main/config/fediz_config.xml?rev=1462277&r1=1462276&r2=1462277&view=diff
==============================================================================
--- cxf/fediz/trunk/examples/wsclientWebapp/webapp/src/main/config/fediz_config.xml (original)
+++ cxf/fediz/trunk/examples/wsclientWebapp/webapp/src/main/config/fediz_config.xml Thu Mar 28 19:53:35 2013
@@ -21,11 +21,11 @@
 		<protocol xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
 			xsi:type="federationProtocolType" version="1.0.0">
 			<realm>urn:org:apache:cxf:fediz:fedizhelloworld</realm>
-			<issuer>https://localhost:9443/fediz-idp/</issuer>
+			<issuer>https://localhost:9443/fediz-idp/federation</issuer>
 			<roleDelimiter>,</roleDelimiter>
 			<roleURI>http://schemas.xmlsoap.org/ws/2005/05/identity/claims/role</roleURI>
 			<!--<authenticationType type="String">some auth type</authenticationType>-->
-			<!--<homeRealm type="Class">org.apache.fediz.realm.MyHomeRealm</homeRealm>-->
+            <homeRealm type="Class">org.apache.cxf.fediz.example.HomeRealmCallbackHandler</homeRealm>
 			<!--<freshness>0</freshness>-->
 			<!--<reply>reply value</reply>-->
 			<!--<request>REQUEST</request>-->

Modified: cxf/fediz/trunk/examples/wsclientWebapp/webapp/src/main/resources/logging.properties
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/examples/wsclientWebapp/webapp/src/main/resources/logging.properties?rev=1462277&r1=1462276&r2=1462277&view=diff
==============================================================================
--- cxf/fediz/trunk/examples/wsclientWebapp/webapp/src/main/resources/logging.properties (original)
+++ cxf/fediz/trunk/examples/wsclientWebapp/webapp/src/main/resources/logging.properties Thu Mar 28 19:53:35 2013
@@ -38,9 +38,9 @@ java.util.logging.FileHandler.count = 1
 java.util.logging.FileHandler.formatter = java.util.logging.XMLFormatter
 
 # Limit the message that are printed on the console to WARNING and above.
-java.util.logging.ConsoleHandler.level = INFO
+java.util.logging.ConsoleHandler.level = FINEST
 java.util.logging.ConsoleHandler.formatter = java.util.logging.SimpleFormatter
-
+java.util.logging.SimpleFormatter.format="HEL %1$tc %2$s%n%4$s: %5$s%6$s%n"
 
 ############################################################
 # Facility specific properties.
@@ -50,3 +50,4 @@ java.util.logging.ConsoleHandler.formatt
 # For example, set the com.xyz.foo logger to only log SEVERE
 # messages:
 #com.xyz.foo.level = SEVERE
+org.apache.cxf.fediz.level = FINE
\ No newline at end of file

Modified: cxf/fediz/trunk/examples/wsclientWebapp/webapp/src/main/webapp/WEB-INF/web.xml
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/examples/wsclientWebapp/webapp/src/main/webapp/WEB-INF/web.xml?rev=1462277&r1=1462276&r2=1462277&view=diff
==============================================================================
--- cxf/fediz/trunk/examples/wsclientWebapp/webapp/src/main/webapp/WEB-INF/web.xml (original)
+++ cxf/fediz/trunk/examples/wsclientWebapp/webapp/src/main/webapp/WEB-INF/web.xml Thu Mar 28 19:53:35 2013
@@ -1,67 +1,67 @@
-<web-app xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-	xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
-                      http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
-	version="3.0" metadata-complete="true">
-
-	<description>WS Federation WS-Client Web Application Example</description>
-	<display-name>WS Federation WS-Client Web Application Example</display-name>
-
-    <context-param>
-        <param-name>contextConfigLocation</param-name>
-        <param-value>WEB-INF/applicationContext.xml</param-value>
-    </context-param>
-    <listener>
-        <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
-    </listener>
-  
-    <!-- Required: Cache the security token in Thread Local Storage -->
-	<filter>
-		<filter-name>FederationFilter</filter-name>
-		<filter-class>org.apache.cxf.fediz.cxf.web.FederationFilter</filter-class>
-	</filter>
-
-	<!-- now map this filter to a URL-pattern -->
-	<filter-mapping>
-		<filter-name>FederationFilter</filter-name>
-		<url-pattern>/secure/*</url-pattern>
-	</filter-mapping>
-
-	<servlet>
-		<servlet-name>FederationServlet</servlet-name>
-		<servlet-class>org.apache.cxf.fediz.example.FederationServlet</servlet-class>
-	</servlet>
-
-	<servlet-mapping>
-		<servlet-name>FederationServlet</servlet-name>
-		<url-pattern>/secure/fedservlet</url-pattern>
-	</servlet-mapping>
-
-	<security-role>
-		<role-name>Manager</role-name>
-	</security-role>
-	<security-role>
-		<role-name>User</role-name>
-	</security-role>
-	<security-role>
-		<role-name>Admin</role-name>
-	</security-role>
-	<security-role>
-		<role-name>Authenticated</role-name>
-	</security-role>
-
-	<security-constraint>
-		<web-resource-collection>
-			<web-resource-name>Protected Area</web-resource-name>
-			<url-pattern>/secure/*</url-pattern>
-		</web-resource-collection>
-		<auth-constraint>
-			<role-name>*</role-name>
-		</auth-constraint>
-	</security-constraint>
-
-	<login-config>
-		<auth-method>WSFED</auth-method>
-		<realm-name>WSFED</realm-name>
-	</login-config>
-
-</web-app>
+<web-app xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+	xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
+                      http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
+	version="3.0" metadata-complete="true">
+
+	<description>WS Federation WS-Client Web Application Example</description>
+	<display-name>WS Federation WS-Client Web Application Example</display-name>
+
+    <context-param>
+        <param-name>contextConfigLocation</param-name>
+        <param-value>WEB-INF/applicationContext.xml</param-value>
+    </context-param>
+    <listener>
+        <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
+    </listener>
+  
+    <!-- Required: Cache the security token in Thread Local Storage -->
+	<filter>
+		<filter-name>FederationFilter</filter-name>
+		<filter-class>org.apache.cxf.fediz.cxf.web.FederationFilter</filter-class>
+	</filter>
+
+	<!-- now map this filter to a URL-pattern -->
+	<filter-mapping>
+		<filter-name>FederationFilter</filter-name>
+		<url-pattern>/secure/*</url-pattern>
+	</filter-mapping>
+
+	<servlet>
+		<servlet-name>FederationServlet</servlet-name>
+		<servlet-class>org.apache.cxf.fediz.example.FederationServlet</servlet-class>
+	</servlet>
+
+	<servlet-mapping>
+		<servlet-name>FederationServlet</servlet-name>
+		<url-pattern>/secure/fedservlet</url-pattern>
+	</servlet-mapping>
+
+	<security-role>
+		<role-name>Manager</role-name>
+	</security-role>
+	<security-role>
+		<role-name>User</role-name>
+	</security-role>
+	<security-role>
+		<role-name>Admin</role-name>
+	</security-role>
+	<security-role>
+		<role-name>Authenticated</role-name>
+	</security-role>
+
+	<security-constraint>
+		<web-resource-collection>
+			<web-resource-name>Protected Area</web-resource-name>
+			<url-pattern>/secure/*</url-pattern>
+		</web-resource-collection>
+		<auth-constraint>
+			<role-name>*</role-name>
+		</auth-constraint>
+	</security-constraint>
+
+	<login-config>
+		<auth-method>WSFED</auth-method>
+		<realm-name>WSFED</realm-name>
+	</login-config>
+
+</web-app>

Modified: cxf/fediz/trunk/pom.xml
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/pom.xml?rev=1462277&r1=1462276&r2=1462277&view=diff
==============================================================================
--- cxf/fediz/trunk/pom.xml (original)
+++ cxf/fediz/trunk/pom.xml Thu Mar 28 19:53:35 2013
@@ -622,7 +622,7 @@
         <profile>
             <id>setup.eclipse</id>
             <properties>
-                <eclipse.workspace.dir>${basedir}/../workspace</eclipse.workspace.dir>
+                <eclipse.workspace.dir>${basedir}/../workspace/fediz-wf</eclipse.workspace.dir>
             </properties>
             <build>
                 <defaultGoal>process-test-sources</defaultGoal>
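Review bot: `eclipse.workspace.dir` in the `setup.eclipse` profile now points at `${basedir}/../workspace/fediz-wf`, which looks like a branch-specific local workspace name rather than a project-wide default. If that is the case, the previous value `${basedir}/../workspace` should be kept in the shared pom and the override passed on the command line with `-Declipse.workspace.dir=...`. The profile continues outside the hunk.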

Modified: cxf/fediz/trunk/services/idp/pom.xml
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/services/idp/pom.xml?rev=1462277&r1=1462276&r2=1462277&view=diff
==============================================================================
--- cxf/fediz/trunk/services/idp/pom.xml (original)
+++ cxf/fediz/trunk/services/idp/pom.xml Thu Mar 28 19:53:35 2013
@@ -26,7 +26,7 @@
         <relativePath>../../pom.xml</relativePath>
     </parent>
     <artifactId>fediz-idp</artifactId>
-    <name>Apache Fediz IDP</name>
+    <name>Apache Fediz IDP (Spring Web Flow)</name>
     <packaging>war</packaging>
     <dependencyManagement>
         <dependencies>
@@ -39,24 +39,41 @@
         <dependency>
             <groupId>javax.servlet</groupId>
             <artifactId>servlet-api</artifactId>
-            <version>${servlet.version}</version>
+            <version>2.5</version>
             <scope>provided</scope>
         </dependency>
+<!--         <dependency> -->
+<!--            <groupId>org.springframework</groupId> -->
+<!--            <artifactId>spring-web</artifactId> -->
+<!--            <version>${spring.version}</version> -->
+<!--         </dependency> -->
         <dependency>
             <groupId>org.springframework</groupId>
-            <artifactId>spring-web</artifactId>
+            <artifactId>spring-webmvc</artifactId>
             <version>${spring.version}</version>
         </dependency>
         <dependency>
-            <groupId>org.slf4j</groupId>
-            <artifactId>slf4j-api</artifactId>
-            <version>${slf4j.version}</version>
+            <groupId>org.springframework.webflow</groupId>
+            <artifactId>spring-webflow</artifactId>
+            <version>2.3.1.RELEASE</version>
+        </dependency>
+        <dependency>
+          <groupId>ognl</groupId>
+          <artifactId>ognl</artifactId>
+          <version>3.0.5</version>
+          <scope>runtime</scope>
         </dependency>
         <dependency>
             <groupId>org.slf4j</groupId>
-            <artifactId>slf4j-jdk14</artifactId>
+            <artifactId>slf4j-api</artifactId>
             <version>${slf4j.version}</version>
+            <scope>provided</scope>
         </dependency>
+<!--         <dependency> -->
+<!--             <groupId>org.slf4j</groupId> -->
+<!--             <artifactId>slf4j-jdk14</artifactId> -->
+<!--             <version>${slf4j.version}</version> -->
+<!--         </dependency> -->
         <dependency>
             <groupId>org.apache.cxf</groupId>
             <artifactId>cxf-rt-ws-security</artifactId>
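Review bot: Several dependencies here carry literal versions where the module previously used properties: `servlet-api` goes from `${servlet.version}` to `2.5`, the next hunk changes `commons-lang3` from `${commons.lang.version}` to `3.0.1`, and the new `spring-webflow` (`2.3.1.RELEASE`) and `ognl` (`3.0.5`) entries are pinned inline. Hard-coding versions in a child module lets the IDP drift from the versions the rest of the build uses and makes a later security upgrade easy to miss; keeping `<version>${servlet.version}</version>` and defining the new versions as properties in the parent pom would keep them in one place. The commented-out `spring-web` and `slf4j-jdk14` blocks would be better deleted than kept as comments.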
@@ -75,7 +92,7 @@
         <dependency>
             <groupId>org.apache.commons</groupId>
             <artifactId>commons-lang3</artifactId>
-            <version>${commons.lang.version}</version>
+            <version>3.0.1</version>
         </dependency>
     </dependencies>
     <build>

Added: cxf/fediz/trunk/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/UsernamePasswordCredentials.java
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/UsernamePasswordCredentials.java?rev=1462277&view=auto
==============================================================================
--- cxf/fediz/trunk/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/UsernamePasswordCredentials.java (added)
+++ cxf/fediz/trunk/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/UsernamePasswordCredentials.java Thu Mar 28 19:53:35 2013
@@ -0,0 +1,46 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.fediz.service.idp;
+
+import java.io.Serializable;
+
+public class UsernamePasswordCredentials implements Serializable {
+
+    private static final long serialVersionUID = 1L;
+
+    private String username;
+    private String password;
+
+    public String getUsername() {
+        return username;
+    }
+
+    public void setUsername(String username) {
+        this.username = username;
+    }
+
+    public String getPassword() {
+        return password;
+    }
+
+    public void setPassword(String password) {
+        this.password = password;
+    }
+
+}
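Review bot: The class is `Serializable` and keeps the password in a plain `String` field, so wherever an instance is written out as part of serialized state (flow or session storage, which is not visible in this hunk) the clear-text password goes with it. If the password is only needed until the token request has been made, consider `private transient String password;` and clearing the field after use, after confirming that nothing depends on the value surviving serialization. A class-level Javadoc saying that the bean carries user credentials and must not be logged would also help; the class has no documentation at present.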

Added: cxf/fediz/trunk/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/DecodeAuthorizationHeaderAction.java
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/DecodeAuthorizationHeaderAction.java?rev=1462277&view=auto
==============================================================================
--- cxf/fediz/trunk/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/DecodeAuthorizationHeaderAction.java (added)
+++ cxf/fediz/trunk/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/DecodeAuthorizationHeaderAction.java Thu Mar 28 19:53:35 2013
@@ -0,0 +1,64 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.fediz.service.idp.beans;
+
+import java.util.StringTokenizer;
+
+import org.apache.cxf.common.util.Base64Utility;
+import org.apache.cxf.fediz.service.idp.UsernamePasswordCredentials;
+import org.apache.cxf.fediz.service.idp.util.WebUtils;
+import org.springframework.webflow.execution.RequestContext;
+
+/**
+ * @author fr17993 This class is responsible to decode authorization header with
+ *         basic authentication.
+ */
+
+public class DecodeAuthorizationHeaderAction {
+
+    public UsernamePasswordCredentials submit(RequestContext requestContext)
+        throws Exception {
+        String authorizationHeader = WebUtils.getHttpServletRequest(
+                requestContext).getHeader("Authorization");
+        String username = null;
+        String password = null;
+
+        StringTokenizer st = new StringTokenizer(authorizationHeader, " ");
+        String authType = st.nextToken();
+        String encoded = st.nextToken();
+
+        if (!authType.equalsIgnoreCase("basic")) {
+            throw new Exception("Invalid Authorization header");
+        }
+
+        String decoded = new String(Base64Utility.decode(encoded));
+
+        int colon = decoded.indexOf(':');
+        if (colon < 0) {
+            username = decoded;
+        } else {
+            username = decoded.substring(0, colon);
+            password = decoded.substring(colon + 1, decoded.length());
+        }
+        UsernamePasswordCredentials usernamePasswordCredentials = new UsernamePasswordCredentials();
+        usernamePasswordCredentials.setUsername(username);
+        usernamePasswordCredentials.setPassword(password);
+        return usernamePasswordCredentials;
+    }
+}
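Review bot: `submit` parses a client-supplied header without validating it: a request with no `Authorization` header passes null to `new StringTokenizer(...)` and fails with a NullPointerException, and a header with a single token fails in the second `st.nextToken()` with NoSuchElementException, both before the `basic` scheme check is reached. The decoded bytes are also turned into a String with the platform default charset, so the same credentials can decode differently between hosts. I would check the header and scheme first and name the charset explicitly, as sketched below; the rest of the method can stay as it is. The class Javadoc uses `@author` for the description, and the method itself has no documentation of what it returns when the decoded value contains no colon (username set, password null).

```java
    public UsernamePasswordCredentials submit(RequestContext requestContext)
        throws Exception {
        String authorizationHeader = WebUtils.getHttpServletRequest(
                requestContext).getHeader("Authorization");
        if (authorizationHeader == null) {
            throw new Exception("Invalid Authorization header");
        }
        // Validate shape and scheme before touching the credential part.
        String[] parts = authorizationHeader.trim().split("\\s+", 2);
        if (parts.length != 2 || !"basic".equalsIgnoreCase(parts[0])) {
            throw new Exception("Invalid Authorization header");
        }
        String decoded = new String(Base64Utility.decode(parts[1]), "UTF-8");
        // … unchanged: split decoded at the first ':' and fill UsernamePasswordCredentials …
```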

Added: cxf/fediz/trunk/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/InitialFlowSetupAction.java
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/InitialFlowSetupAction.java?rev=1462277&view=auto
==============================================================================
--- cxf/fediz/trunk/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/InitialFlowSetupAction.java (added)
+++ cxf/fediz/trunk/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/InitialFlowSetupAction.java Thu Mar 28 19:53:35 2013
@@ -0,0 +1,91 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.fediz.service.idp.beans;
+
+import org.apache.cxf.fediz.service.idp.util.WebUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.webflow.execution.RequestContext;
+
+/**
+ * @author fr17993 This class is responsible to initialize web flow.
+ */
+
+public class InitialFlowSetupAction {
+
+    private static final String AUTH_SUPPORT_TYPE = "idp.authSupportType";
+
+    private static final String IDP_NAME = "idpName";
+
+    private static final Logger LOG = LoggerFactory
+            .getLogger(InitialFlowSetupAction.class);
+
+    private String idpName = "IDP";
+
+    private String authSupportType;
+
+    public String getIdpName() {
+        return idpName;
+    }
+
+    public void setIdpName(String idpName) {
+        this.idpName = idpName;
+    }
+
+    public String getAuthSupportType() {
+        return authSupportType;
+    }
+
+    public void setAuthSupportType(String authSupportType) {
+        this.authSupportType = authSupportType;
+    }
+
+    private static enum SupportType {
+        FORM, BASIC;
+    }
+
+    /**
+     * @throws IllegalArgumentException
+     */
+    public void submit(RequestContext context) {
+        if (System.getProperty(AUTH_SUPPORT_TYPE) != null) {
+            authSupportType = System.getProperty(AUTH_SUPPORT_TYPE);
+            LOG.info("Bean property [authSupportType] has been overriden from system properties");
+        }
+        if (SupportType.valueOf(authSupportType) != null) {
+            WebUtils.putAttributeInFlowScope(context, AUTH_SUPPORT_TYPE,
+                    authSupportType);
+            LOG.info(AUTH_SUPPORT_TYPE + "=" + authSupportType
+                    + " has been stored in flow scope");
+        } else {
+            throw new IllegalArgumentException(AUTH_SUPPORT_TYPE + "="
+                    + authSupportType + " not supported");
+        }
+        putAttributeInFlowScope(context, IDP_NAME, idpName);
+    }
+
+    private void putAttributeInFlowScope(RequestContext context, String key, String value) {
+        if (value != null) {
+            WebUtils.putAttributeInFlowScope(context, key, value);
+            LOG.info(key + "=" + value + " has been stored in flow scope");
+        } else {
+            throw new IllegalArgumentException("Bean property [" + key + "] should be configured");
+        }
+    }
+}
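Review bot: The condition `SupportType.valueOf(authSupportType) != null` in `submit` can never be false, because `Enum.valueOf` throws `IllegalArgumentException` for an unknown name and `NullPointerException` for null instead of returning null. The `else` branch with the "not supported" message is therefore unreachable, and an unconfigured `authSupportType` surfaces as an NPE rather than the exception named in the Javadoc. Check for null first, e.g. `if (authSupportType == null) { throw new IllegalArgumentException("Bean property [authSupportType] should be configured"); }`, then call `SupportType.valueOf(authSupportType)` and let it throw for unknown values. The `@throws IllegalArgumentException` tag has no description, and the log message misspells "overridden" as `overriden`.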

Added: cxf/fediz/trunk/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/LogoutAction.java
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/LogoutAction.java?rev=1462277&view=auto
==============================================================================
--- cxf/fediz/trunk/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/LogoutAction.java (added)
+++ cxf/fediz/trunk/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/LogoutAction.java Thu Mar 28 19:53:35 2013
@@ -0,0 +1,33 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.fediz.service.idp.beans;
+
+import org.apache.cxf.fediz.service.idp.util.WebUtils;
+import org.springframework.webflow.execution.RequestContext;
+
+/**
+ * @author fr17993 This class is responsible to invalidate IDP session.
+ */
+
+public class LogoutAction {
+
+    public void submit(RequestContext requestContext) {
+        WebUtils.getHttpSession(requestContext).invalidate();
+    }
+}
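Review bot: `submit` invalidates whatever `WebUtils.getHttpSession` returns, and that helper (added in this same commit) calls `getSession()`, which creates a session when the request carries none. A sign-out request that arrives without a session therefore allocates one only to destroy it. Asking for the session without creating it avoids that: `HttpSession s = WebUtils.getHttpServletRequest(requestContext).getSession(false);` followed by `if (s != null) { s.invalidate(); }`. The class Javadoc also places its description after the `@author` tag, where it is read as part of the author name; the sentence belongs before the tag.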

Added: cxf/fediz/trunk/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/STSClientAction.java
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/STSClientAction.java?rev=1462277&view=auto
==============================================================================
--- cxf/fediz/trunk/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/STSClientAction.java (added)
+++ cxf/fediz/trunk/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/STSClientAction.java Thu Mar 28 19:53:35 2013
@@ -0,0 +1,286 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.fediz.service.idp.beans;
+
+import java.net.MalformedURLException;
+import java.net.URL;
+import java.util.List;
+import java.util.Map;
+
+import javax.xml.namespace.QName;
+import javax.xml.parsers.ParserConfigurationException;
+import javax.xml.stream.XMLStreamException;
+
+import org.w3c.dom.Element;
+
+import org.apache.commons.lang3.StringEscapeUtils;
+import org.apache.cxf.Bus;
+import org.apache.cxf.BusFactory;
+import org.apache.cxf.fediz.service.idp.IdpSTSClient;
+import org.apache.cxf.fediz.service.idp.UsernamePasswordCredentials;
+import org.apache.cxf.fediz.service.idp.util.WebUtils;
+import org.apache.cxf.staxutils.W3CDOMStreamWriter;
+import org.apache.cxf.ws.security.SecurityConstants;
+import org.apache.cxf.ws.security.tokenstore.SecurityToken;
+import org.apache.cxf.ws.security.trust.STSUtils;
+import org.apache.ws.security.WSConstants;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.context.ApplicationContext;
+import org.springframework.webflow.execution.RequestContext;
+
+/**
+ * @author fr17993 
+This class is responsible to ask for Security Tokens to STS.
+ */
+
+public class STSClientAction {
+
+    private static final String REALM_TO_CLAIMS_MAP = "realm2ClaimsMap";
+
+    private static final String HTTP_SCHEMAS_XMLSOAP_ORG_WS_2005_05_IDENTITY = 
+            "http://schemas.xmlsoap.org/ws/2005/05/identity";
+
+    private static final String HTTP_DOCS_OASIS_OPEN_ORG_WS_SX_WS_TRUST_200512_BEARER = 
+            "http://docs.oasis-open.org/ws-sx/ws-trust/200512/Bearer";
+
+    private static final String HTTP_WWW_W3_ORG_2005_08_ADDRESSING = "http://www.w3.org/2005/08/addressing";
+
+    private static final String HTTP_DOCS_OASIS_OPEN_ORG_WS_SX_WS_TRUST_200512 = 
+            "http://docs.oasis-open.org/ws-sx/ws-trust/200512/";
+
+    private static final String SECURITY_TOKEN_SERVICE = "SecurityTokenService";
+
+    private static final Logger LOG = LoggerFactory
+            .getLogger(STSClientAction.class);
+
+    protected String wsdlLocation;
+
+    protected String wsdlEndpoint;
+
+    protected String appliesTo;
+
+    protected String tokenType;
+
+    protected boolean claimsRequired = true;
+    
+    protected boolean isPortSet;
+
+    public String getWsdlLocation() {
+        return wsdlLocation;
+    }
+
+    public void setWsdlLocation(String wsdlLocation) {
+        this.wsdlLocation = wsdlLocation;
+        try {
+            URL url = new URL(wsdlLocation);
+            isPortSet = url.getPort() > 0;
+            if (!isPortSet) {
+                LOG.info("Port is 0 for 'wsdlLocation'. Port evaluated when processing first request.");
+            }
+        } catch (MalformedURLException e) {
+            LOG.error("Invalid Url '" + wsdlLocation + "': "  + e.getMessage());
+        }
+    }
+
+    public String getWsdlEndpoint() {
+        return wsdlEndpoint;
+    }
+
+    public void setWsdlEndpoint(String wsdlEndpoint) {
+        this.wsdlEndpoint = wsdlEndpoint;
+    }
+
+    public String getAppliesTo() {
+        return appliesTo;
+    }
+
+    public void setAppliesTo(String appliesTo) {
+        this.appliesTo = appliesTo;
+    }
+
+    public String getTokenType() {
+        return tokenType;
+    }
+
+    public void setTokenType(String tokenType) {
+        this.tokenType = tokenType;
+    }
+
+    public boolean isClaimsRequired() {
+        return claimsRequired;
+    }
+
+    public void setClaimsRequired(boolean claimsRequired) {
+        this.claimsRequired = claimsRequired;
+    }
+
+    /**
+     * @param credentials
+     *            : username and password provided by user
+     * @return a IDP {@link SecurityToken}
+     * @throws Exception
+     */
+    public SecurityToken submit(UsernamePasswordCredentials credentials, RequestContext context)
+        throws Exception {
+
+        Bus bus = BusFactory.getDefaultBus();
+
+        IdpSTSClient sts = new IdpSTSClient(bus);
+        sts.setAddressingNamespace(HTTP_WWW_W3_ORG_2005_08_ADDRESSING);
+        paramTokenType(sts);
+        sts.setKeyType(HTTP_DOCS_OASIS_OPEN_ORG_WS_SX_WS_TRUST_200512_BEARER);
+
+        if (!isPortSet) {
+            try {
+                URL url = new URL(this.wsdlLocation);
+                URL updatedUrl = new URL(url.getProtocol(), url.getHost(),
+                                         WebUtils.getHttpServletRequest(context).getLocalPort(), url.getFile());
+                
+                setSTSWsdlUrl(updatedUrl.toString());
+                LOG.info("STS WSDL URL updated to " + updatedUrl.toString());
+            } catch (MalformedURLException e) {
+                LOG.error("Invalid Url '" + this.wsdlLocation + "': "  + e.getMessage());
+            }
+        }
+        sts.setWsdlLocation(this.wsdlLocation);
+        sts.setServiceQName(new QName(
+                HTTP_DOCS_OASIS_OPEN_ORG_WS_SX_WS_TRUST_200512,
+                SECURITY_TOKEN_SERVICE));
+        sts.setEndpointQName(new QName(
+                HTTP_DOCS_OASIS_OPEN_ORG_WS_SX_WS_TRUST_200512,
+                this.wsdlEndpoint));
+
+        if (this.claimsRequired) {
+            addClaims(this.appliesTo, bus, sts);
+        }
+
+        sts.getProperties().put(SecurityConstants.USERNAME,
+                credentials.getUsername());
+        sts.getProperties().put(SecurityConstants.PASSWORD,
+                credentials.getPassword());
+
+        SecurityToken idpToken = sts.requestSecurityToken(this.appliesTo);
+
+        LOG.info("Token [IDP_TOKEN] produced succesfully.");
+        return idpToken;
+    }
+
+    /**
+     * @param credentials
+     *            {@link SecurityToken}
+     * @param wtrealm
+     *            the relying party security domain
+     * @return a serialized RP security token
+     * @throws Exception
+     */
+    public String submit(SecurityToken credentials, String wtrealm)
+        throws Exception {
+
+        Bus bus = BusFactory.getDefaultBus();
+
+        IdpSTSClient sts = new IdpSTSClient(bus);
+        sts.setAddressingNamespace(HTTP_WWW_W3_ORG_2005_08_ADDRESSING);
+        paramTokenType(sts);
+        sts.setKeyType(HTTP_DOCS_OASIS_OPEN_ORG_WS_SX_WS_TRUST_200512_BEARER);
+
+        sts.setWsdlLocation(wsdlLocation);
+        sts.setServiceQName(new QName(
+                HTTP_DOCS_OASIS_OPEN_ORG_WS_SX_WS_TRUST_200512,
+                SECURITY_TOKEN_SERVICE));
+        sts.setEndpointQName(new QName(
+                HTTP_DOCS_OASIS_OPEN_ORG_WS_SX_WS_TRUST_200512, wsdlEndpoint));
+
+        if (this.claimsRequired) {
+            addClaims(wtrealm, bus, sts);
+        }
+
+        sts.setOnBehalfOf(credentials.getToken());
+
+        String rpToken = sts.requestSecurityTokenResponse(wtrealm);
+
+        LOG.info("Token [RP_TOKEN] produced succesfully.");
+        return StringEscapeUtils.escapeXml(rpToken);
+    }
+
+    private void addClaims(String wtrealm, Bus bus, IdpSTSClient sts)
+        throws ParserConfigurationException, XMLStreamException {
+        List<String> realmClaims = null;
+        ApplicationContext ctx = (ApplicationContext) bus
+                .getExtension(ApplicationContext.class);
+
+        @SuppressWarnings("unchecked")
+        Map<String, List<String>> realmClaimsMap = (Map<String, List<String>>) ctx
+                .getBean(REALM_TO_CLAIMS_MAP);
+        realmClaims = realmClaimsMap.get(wtrealm);
+        if (realmClaims != null && realmClaims.size() > 0
+                && LOG.isDebugEnabled()) {
+            LOG.debug("claims for realm " + wtrealm);
+            for (String item : realmClaims) {
+                LOG.debug("  " + item);
+            }
+        }
+        Element claims = createClaimsElement(realmClaims);
+        if (claims != null) {
+            sts.setClaims(claims);
+        }
+    }
+
+    private void paramTokenType(IdpSTSClient sts) {
+        if (tokenType == null) {
+            sts.setTokenType(WSConstants.WSS_SAML2_TOKEN_TYPE);
+        } else {
+            sts.setTokenType(tokenType);
+        }
+    }
+
+    private Element createClaimsElement(List<String> realmClaims)
+        throws ParserConfigurationException, XMLStreamException {
+        if (realmClaims == null || realmClaims.size() == 0) {
+            return null;
+        }
+
+        W3CDOMStreamWriter writer = new W3CDOMStreamWriter();
+        writer.writeStartElement("wst", "Claims", STSUtils.WST_NS_05_12);
+        writer.writeNamespace("wst", STSUtils.WST_NS_05_12);
+        writer.writeNamespace("ic",
+                HTTP_SCHEMAS_XMLSOAP_ORG_WS_2005_05_IDENTITY);
+        writer.writeAttribute("Dialect",
+                HTTP_SCHEMAS_XMLSOAP_ORG_WS_2005_05_IDENTITY);
+
+        if (realmClaims != null && realmClaims.size() > 0) {
+            for (String item : realmClaims) {
+                LOG.debug("claim: " + item);
+                writer.writeStartElement("ic", "ClaimType",
+                        HTTP_SCHEMAS_XMLSOAP_ORG_WS_2005_05_IDENTITY);
+                writer.writeAttribute("Uri", item);
+                writer.writeEndElement();
+            }
+        }
+
+        writer.writeEndElement();
+
+        return writer.getDocument().getDocumentElement();
+    }
+    
+    private synchronized void setSTSWsdlUrl(String wsdlUrl) {
+        this.wsdlLocation = wsdlUrl;
+        this.isPortSet = true;
+    }
+}
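Review bot: The lazy port fix-up in `submit(UsernamePasswordCredentials, RequestContext)` reads `isPortSet` and `wsdlLocation` without the lock that `setSTSWsdlUrl` takes, so the `synchronized` on the setter gives concurrent requests no visibility guarantee. Declaring `protected volatile boolean isPortSet;` would provide one, since the setter already writes `wsdlLocation` before the flag. The fix-up also exists only in this overload: `submit(SecurityToken, String)` passes `wsdlLocation` to the client unchanged, and the flow added in this commit calls the two overloads on differently named beans (`stsClientForIdpAction`, `stsClientForRpAction`), so if those are separate instances the RP one keeps a port-less URL. Both `MalformedURLException` handlers only log and continue, which lets the request reach `sts.setWsdlLocation` with a URL already known to be unusable; failing the request at that point would be clearer.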

Added: cxf/fediz/trunk/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/WfreshParser.java
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/WfreshParser.java?rev=1462277&view=auto
==============================================================================
--- cxf/fediz/trunk/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/WfreshParser.java (added)
+++ cxf/fediz/trunk/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/WfreshParser.java Thu Mar 28 19:53:35 2013
@@ -0,0 +1,52 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.fediz.service.idp.beans;
+
+import java.util.Date;
+import org.apache.cxf.ws.security.tokenstore.SecurityToken;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+/**
+ * This class is responsible to parse 'wfresh' parameter 
+ * @author T.Beucher 
+ */
+
+public class WfreshParser {
+
+    private static final Logger LOG = LoggerFactory
+            .getLogger(WfreshParser.class);
+
+    public boolean authenticationRequired(SecurityToken idpToken, String wfresh)
+        throws Exception {
+        long ttl = Long.parseLong(wfresh);
+        if (ttl > 0) {
+            Date createdDate = idpToken.getCreated();
+            Date expiryDate = new Date();
+            expiryDate.setTime(createdDate.getTime() + (ttl * 60L * 1000L));
+            if (expiryDate.before(new Date())) {
+                LOG.info("IDP token is valid but relying party requested new authentication via wfresh: " + wfresh);
+                return true;
+            }
+        } else {
+            LOG.info("wfresh value of " + wfresh + " is invalid");
+        }
+        return false;
+    }
+}
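Review bot: `authenticationRequired` hands the request-supplied `wfresh` directly to `Long.parseLong`, so a missing or non-numeric value leaves the method as a `NumberFormatException` instead of a decision. `wfresh=0` falls into the `else` branch and returns `false`, although the flow added in this commit treats `'0'` as "always re-authenticate". Handling that case explicitly keeps the parser consistent with the flow: `if (ttl == 0) { return true; }` ahead of the `ttl > 0` test, with the parse wrapped in a `catch (NumberFormatException e)` that picks one documented outcome. The product `ttl * 60L * 1000L` can wrap around for very large values, so an upper bound on `ttl` before multiplying is worth adding as well.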

Added: cxf/fediz/trunk/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/util/WebUtils.java
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/util/WebUtils.java?rev=1462277&view=auto
==============================================================================
--- cxf/fediz/trunk/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/util/WebUtils.java (added)
+++ cxf/fediz/trunk/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/util/WebUtils.java Thu Mar 28 19:53:35 2013
@@ -0,0 +1,177 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.fediz.service.idp.util;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+
+import org.springframework.util.Assert;
+import org.springframework.webflow.context.servlet.ServletExternalContext;
+import org.springframework.webflow.execution.RequestContext;
+
+/**
+ * @author fr17993 
+ * Utility class to bind with webflow artifacts
+ */
+public final class WebUtils {
+    
+    private WebUtils() {
+        super();
+    }
+
+    public static HttpServletRequest getHttpServletRequest(
+            final RequestContext context) {
+        Assert.isInstanceOf(ServletExternalContext.class,
+                context.getExternalContext(),
+                "Cannot obtain HttpServletRequest from event of type: "
+                        + context.getExternalContext().getClass().getName());
+        return (HttpServletRequest) context.getExternalContext()
+                .getNativeRequest();
+    }
+
+    public static HttpSession getHttpSession(final RequestContext context) {
+        HttpServletRequest httpServletRequest = getHttpServletRequest(context);
+        return httpServletRequest.getSession();
+    }
+
+    public static HttpServletResponse getHttpServletResponse(
+            final RequestContext context) {
+        Assert.isInstanceOf(ServletExternalContext.class,
+                context.getExternalContext(),
+                "Cannot obtain HttpServletResponse from event of type: "
+                        + context.getExternalContext().getClass().getName());
+        return (HttpServletResponse) context.getExternalContext()
+                .getNativeResponse();
+    }
+
+    public static void putAttributeInRequestScope(final RequestContext context,
+            final String attributeKey, final Object attributeValue) {
+        context.getRequestScope().put(attributeKey, attributeValue);
+    }
+
+    public static void putAttributeInExternalContext(
+            final RequestContext context, final String attributeKey,
+            final Object attributeValue) {
+        context.getExternalContext().getSessionMap()
+                .put(attributeKey, attributeValue);
+    }
+
+    /**
+     * put attribute in request or in session depending on storeInSession.
+     * 
+     * @param context
+     * @param attributeKey
+     * @return
+     */
+    public static void putAttribute(final RequestContext context,
+            final String attributeKey, final Object attributeValue,
+            boolean storeInSession) {
+        // Object oldValue = null;
+        if (storeInSession) {
+            // oldValue = getAttributeFromExternalContext(context,
+            // attributeKey);
+            putAttributeInExternalContext(context, attributeKey, attributeValue);
+        } else {
+            // oldValue = getAttributeFromRequestScope(context, attributeKey);
+            putAttributeInRequestScope(context, attributeKey, attributeValue);
+        }
+        // return oldValue;
+    }
+
+    public static Object getAttributeFromRequestScope(
+            final RequestContext context, final String attributeKey) {
+        return context.getRequestScope().getString(attributeKey);
+    }
+
+    public static Object getAttributeFromExternalContext(
+            final RequestContext context, final String attributeKey) {
+        return context.getExternalContext().getSessionMap()
+                .getString(attributeKey);
+    }
+
+    /**
+     * get attribute from request; if not found get it from session.
+     * 
+     * @param context
+     * @param attributeKey
+     * @return
+     */
+    public static Object getAttribute(final RequestContext context,
+            final String attributeKey) {
+        Object value = getAttributeFromRequestScope(context, attributeKey);
+        if (value != null) {
+            return value;
+        }
+        return getAttributeFromExternalContext(context, attributeKey);
+    }
+
+    public static Object removeAttributeFromRequestScope(
+            final RequestContext context, final String attributeKey) {
+        return context.getRequestScope().remove(attributeKey);
+    }
+
+    public static Object removeAttributeFromExternalContext(
+            final RequestContext context, final String attributeKey) {
+        return context.getExternalContext().getSessionMap()
+                .remove(attributeKey);
+    }
+
+    /**
+     * remove attribute from request and session.
+     * 
+     * @param context
+     * @param attributeKey
+     * @return
+     */
+    public static Object removeAttribute(final RequestContext context,
+            final String attributeKey) {
+        Object valueReq = removeAttributeFromRequestScope(context, attributeKey);
+        Object valueSes = removeAttributeFromExternalContext(context,
+                attributeKey);
+        if (valueSes != null) {
+            return valueSes; // not clean if request has different value !
+        }
+        if (valueReq != null) {
+            return valueReq;
+        }
+        return null;
+    }
+
+    public static void putAttributeInFlowScope(final RequestContext context,
+            final String attributeKey, final String attributeValue) {
+        context.getFlowScope().put(attributeKey, attributeValue);
+    }
+
+    public static String getAttributeFromFlowScope(
+            final RequestContext context, final String attributeKey) {
+        return context.getFlowScope().getString(attributeKey);
+    }
+
+    public static Object removeAttributeFromFlowScope(
+            final RequestContext context, final String attributeKey) {
+        return context.getFlowScope().remove(attributeKey);
+    }
+
+    public static String getParamFromRequestParameters(
+            final RequestContext context, final String attributeKey) {
+        return context.getRequestParameters().get(attributeKey);
+    }
+
+}
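Review bot: `getAttributeFromRequestScope` and `getAttributeFromExternalContext` are declared to return `Object` but read with `getString(attributeKey)`, while the matching `putAttribute*` methods accept any `Object`. Spring Web Flow's `getString` rejects a stored value that is not a `String` with an `IllegalArgumentException`, so `getAttribute(context, "IDP_TOKEN")` would fail on the `SecurityToken` that the flow in this commit keeps in the session map. Reading with `.get(attributeKey)` matches the declared return type. The `putAttribute` Javadoc also carries an empty `@return` on a `void` method, and the commented-out `oldValue` lines can be removed.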

Modified: cxf/fediz/trunk/services/idp/src/main/resources/log4j.properties
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/services/idp/src/main/resources/log4j.properties?rev=1462277&r1=1462276&r2=1462277&view=diff
==============================================================================
--- cxf/fediz/trunk/services/idp/src/main/resources/log4j.properties (original)
+++ cxf/fediz/trunk/services/idp/src/main/resources/log4j.properties Thu Mar 28 19:53:35 2013
@@ -1,6 +1,6 @@
 # Set root category priority to INFO and its only appender to CONSOLE.
-log4j.rootCategory=FATAL, CONSOLE
-#log4j.rootCategory=DEBUG, CONSOLE
+#log4j.rootCategory=FATAL, CONSOLE
+log4j.rootCategory=DEBUG, CONSOLE
 
 # CONSOLE is set to be a ConsoleAppender using a PatternLayout.
 log4j.appender.CONSOLE=org.apache.log4j.ConsoleAppender
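Review bot: The root category packaged in `src/main/resources` moves from `FATAL` to `DEBUG`, which looks like a development setting that came along with the branch merge. On an IdP that handles passwords and issued tokens, root-level debug output from the web, WS-Security and STS client libraries can put request content into the console log; whether it does depends on loggers that are not visible in this hunk. Keeping `log4j.rootCategory=FATAL, CONSOLE` (or `INFO`, which is what the comment on the first line describes) as the shipped default and enabling `DEBUG` per deployment is the safer arrangement.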

Modified: cxf/fediz/trunk/services/idp/src/main/resources/logging.properties
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/services/idp/src/main/resources/logging.properties?rev=1462277&r1=1462276&r2=1462277&view=diff
==============================================================================
--- cxf/fediz/trunk/services/idp/src/main/resources/logging.properties (original)
+++ cxf/fediz/trunk/services/idp/src/main/resources/logging.properties Thu Mar 28 19:53:35 2013
@@ -39,6 +39,7 @@ java.util.logging.FileHandler.formatter 
 
 # Limit the message that are printed on the console to WARNING and above.
 java.util.logging.ConsoleHandler.level = FINEST
+java.util.logging.SimpleFormatter.format="IDP %1$tc %2$s%n%4$s: %5$s%6$s%n"
 java.util.logging.ConsoleHandler.formatter = java.util.logging.SimpleFormatter
 
 
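Review bot: The added `java.util.logging.SimpleFormatter.format` value is wrapped in double quotes, and a properties file does not strip them, so the quotes become part of the format string and show up in every log record. Writing it as `java.util.logging.SimpleFormatter.format=IDP %1$tc %2$s%n%4$s: %5$s%6$s%n` gives the intended layout. The comment above `ConsoleHandler.level` says WARNING while the value is `FINEST`; one of the two should be corrected so the effective console verbosity of the IdP is clear to whoever deploys it.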
@@ -50,4 +51,6 @@ java.util.logging.ConsoleHandler.formatt
 # For example, set the com.xyz.foo logger to only log SEVERE
 # messages:
 #com.xyz.foo.level = SEVERE
-org.apache.cxf.fediz.service.idp.level = FINEST
+org.apache.cxf.fediz.service.idp.level = FINE
+org.springframework.web.level = FINE
+org.springframework.webflow.level = FINE
\ No newline at end of file

Modified: cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/applicationContext.xml
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/applicationContext.xml?rev=1462277&r1=1462276&r2=1462277&view=diff
==============================================================================
--- cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/applicationContext.xml (original)
+++ cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/applicationContext.xml Thu Mar 28 19:53:35 2013
@@ -33,7 +33,7 @@
         </sec:trustManagers>
       </http:tlsClientParameters>
    </http:conduit>
-    
+   
    <import resource="RPClaims.xml" />
 
 </beans>

Added: cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/federation-webflow.xml
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/federation-webflow.xml?rev=1462277&view=auto
==============================================================================
--- cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/federation-webflow.xml (added)
+++ cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/federation-webflow.xml Thu Mar 28 19:53:35 2013
@@ -0,0 +1,144 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<flow xmlns="http://www.springframework.org/schema/webflow"
+    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+    xsi:schemaLocation="http://www.springframework.org/schema/webflow
+                          http://www.springframework.org/schema/webflow/spring-webflow-2.0.xsd">
+
+    <on-start>
+        <evaluate expression="initialFlowSetupAction.submit(flowRequestContext)" />
+    </on-start>
+    
+    <!-- protocol check -->
+    <decision-state id="WSFederationRequestCheck">
+        <on-entry>
+            <set name="externalContext.sessionMap['wtrealm']" value="requestParameters.wtrealm" />
+            <set name="externalContext.sessionMap['wreply']" value="requestParameters.wreply" />
+            <set name="externalContext.sessionMap['wctx']" value="requestParameters.wctx" />
+        </on-entry>
+        <if test="requestParameters.wa == null" then="viewBadRequest" />
+        <if test="requestParameters.wa != 'wsignin1.0' and requestParameters.wa != 'wsignout1.0' and requestParameters.wa != 'wsignoutcleanup1.0'" then="viewBadRequest" />
+        <if test="requestParameters.wa == 'wsignout1.0' or requestParameters.wa == 'wsignoutcleanup1.0'" then="invalidateSessionAction" />
+        <if test="requestParameters.wtrealm == null or requestParameters.wtrealm.length() == 0" then="viewBadRequest" />
+
+        <if test="externalContext.sessionMap['IDP_TOKEN'] == null" then="authenticationRequired" />
+        <if test="externalContext.sessionMap['IDP_TOKEN'].isExpired() == true" then="authenticationRequired" />
+        <if test="requestParameters.wfresh != null and requestParameters.wfresh.equals('0')" then="authenticationRequired" else="rpTokenAction" />
+    </decision-state>
+    
+    <!-- select authentication support type -->
+    <decision-state id="authenticationRequired">
+        <on-entry>
+            <set name="externalContext.sessionMap['IDP_TOKEN']" value="null" />
+        </on-entry>
+        <if test="flowScope['idp.authSupportType'] == 'FORM'" then="formAuthenticationView" />
+        <if test="flowScope['idp.authSupportType'] == 'BASIC'" then="basicAuthenticationCheck" else="viewBadRequest" />
+    </decision-state>
+    
+    <!-- display authentication form 'signinform.jsp' (username/password credentials) -->
+    <view-state id="formAuthenticationView" view="signinform" model="usernamePasswordCredentials">
+        <var name="usernamePasswordCredentials"
+            class="org.apache.cxf.fediz.service.idp.UsernamePasswordCredentials" />
+        <binder>
+            <binding property="username" />
+            <binding property="password" />
+        </binder>
+        <on-entry>
+            <evaluate expression="externalContext.nativeResponse.setHeader('Cache-Control', 'no-store, no-cache, must-revalidate, private')" />
+        </on-entry>
+        <transition on="authenticate" bind="true" validate="true" to="idpUsernamePasswordTokenAction">
+            <set name="flowScope.usernamePasswordCredentials" value="usernamePasswordCredentials" />
+        </transition>
+    </view-state>
+
+    <!-- check basic authentication state -->
+    <decision-state id="basicAuthenticationCheck">
+        <if test="externalContext.nativeRequest.getHeader('Authorization') == null" then="basicAuthenticationRequested" else="decodeBasicAuthenticationAction" />
+    </decision-state>
+    
+    <!-- force basic authentication, exits with Http 401 Unauthorized -->
+    <!-- warning : flow ends here. Decoding returned 'Authorization' header will be done by an other execution instance of flow (see 'decodeBasicAuthenticationAction') -->
+    <end-state id="basicAuthenticationRequested" view="genericerror">
+        <on-entry>
+            <evaluate expression="externalContext.nativeResponse.setHeader('WWW-Authenticate', 'Basic realm='+flowScope.idpName)" />
+            <evaluate expression="externalContext.nativeResponse.setHeader('Cache-Control', 'no-store, no-cache, must-revalidate, private')" />
+            <evaluate expression="externalContext.nativeResponse.setStatus(401,'Invalid credentials')" />
+            <set name="requestScope.reason" value="'Invalid credentials'" />
+        </on-entry>
+    </end-state>
+
+    <!-- decode returned 'Authorization' header -->
+    <action-state id="decodeBasicAuthenticationAction">
+        <evaluate expression="decodeAuthorizationHeaderAction.submit(flowRequestContext)"
+                    result="flowScope.usernamePasswordCredentials" 
+                    result-type="org.apache.cxf.fediz.service.idp.UsernamePasswordCredentials" />
+        <transition to="idpUsernamePasswordTokenAction" />
+        <transition on-exception="java.lang.Throwable" to="scInternalServerError" />
+    </action-state>
+
+    <!-- Receiving username/password as credentials, produce IDP security token (as SecurityToken type) and store it in session -->
+    <!-- catch SoapFault in case of wrong credentials to redirect the flow -->
+    <action-state id="idpUsernamePasswordTokenAction">
+        <evaluate expression="stsClientForIdpAction.submit(flowScope.usernamePasswordCredentials,flowRequestContext)"
+                    result="flowScope.idpToken" 
+                    result-type="org.apache.cxf.ws.security.tokenstore.SecurityToken" />
+        <transition on="success" to="rpTokenAction">
+            <set name="externalContext.sessionMap['IDP_TOKEN']" value="flowScope.idpToken" />
+            <set name="externalContext.sessionMap['IDP_PRINCIPAL']" value="flowScope.usernamePasswordCredentials.username" />
+        </transition>
+        <transition on-exception="org.apache.cxf.binding.soap.SoapFault" to="authenticationFailedSwitch" />
+        <transition on-exception="java.lang.Throwable" to="scInternalServerError" />
+    </action-state>
+
+    <!-- when authentication failed, depending on the authentication support type set -->
+    <decision-state id="authenticationFailedSwitch">
+        <if test="flowScope['idp.authSupportType'] == 'FORM'" then="formAuthenticationView" />
+        <if test="flowScope['idp.authSupportType'] == 'BASIC'" then="basicAuthenticationRequested" />
+    </decision-state>
+    
+    <!-- produce RP security token (as String type) -->
+    <action-state id="rpTokenAction">
+        <evaluate expression="stsClientForRpAction.submit(externalContext.sessionMap['IDP_TOKEN'], externalContext.sessionMap['wtrealm'])" 
+                    result="flowScope.rpToken" 
+                    result-type="java.lang.String" />
+        <transition to="formResponseView" />
+        <transition on-exception="java.lang.Throwable" to="scInternalServerError" />
+    </action-state>
+
+    <!-- normal exit point for login -->
+    <!-- browser redirection (self-submitted form 'signinresponseform.jsp') -->
+    <end-state id="formResponseView" view="signinresponseform"> 
+        <on-entry>
+            <evaluate expression="externalContext.sessionMap['wreply']" result="requestScope.fedAction" />
+            <evaluate expression="externalContext.sessionMap['wtrealm']" result="requestScope.fedWTrealm" />
+            <evaluate expression="externalContext.sessionMap['wctx']" result="requestScope.fedWCtx" />
+            <evaluate expression="flowScope.rpToken" result="requestScope.fedWResult" />
+        </on-entry>
+    </end-state>
+    
+    <!-- abnormal exit point : Http 400 Bad Request -->
+    <end-state id="viewBadRequest" view="genericerror">
+        <on-entry>
+            <evaluate expression="externalContext.nativeResponse.setStatus(400,flowRequestContext.currentTransition.toString())" />
+            <set name="requestScope.reason" value="flowRequestContext.currentTransition" />
+        </on-entry>
+    </end-state>
+
+    <!-- abnormal exit point : Http 500 Internal Server Error -->
+    <end-state id="scInternalServerError" view="genericerror">
+        <on-entry>
+            <evaluate expression="externalContext.nativeResponse.setStatus(500,'IDP is unavailable, please contact the administrator')" />
+            <set name="requestScope.reason" value="'IDP is unavailable, please contact the administrator'" />
+        </on-entry>
+    </end-state>
+
+    <!-- invalidate IDP session -->
+    <action-state id="invalidateSessionAction">
+        <evaluate expression="logoutAction.submit(flowRequestContext)" />
+        <transition on="success" to="endLogout" />
+        <transition on-exception="java.lang.Throwable" to="scInternalServerError" />
+    </action-state>
+
+    <!-- normal exit point for logout -->
+    <end-state id="endLogout" view="signoutresponse" /> 
+    
+</flow>
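Review bot: `WSFederationRequestCheck` copies `requestParameters.wreply` into the session unchecked, and `formResponseView` later exposes it as `requestScope.fedAction` alongside the RP token in `fedWResult`. Going by that state's comment (a self-submitted form), the value becomes the form target, so the address the token is posted to is chosen by whoever built the sign-in URL; nothing in the flow compares it with an address registered for `wtrealm`. A validation state ahead of `rpTokenAction` that accepts `wreply` only when it matches the reply address configured for the realm, and routes to `viewBadRequest` otherwise, would close that gap. Separately, the HTTP session is kept across the successful authentication in `idpUsernamePasswordTokenAction`; issuing a fresh session id at that transition is worth considering.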

Added: cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/genericerror.jsp
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/genericerror.jsp?rev=1462277&view=auto
==============================================================================
--- cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/genericerror.jsp (added)
+++ cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/genericerror.jsp Thu Mar 28 19:53:35 2013
@@ -0,0 +1,11 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<html>
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
+<title>IDP generic error page</title>
+</head>
+<body>
+	<h1>Sorry, CXF Fediz IDP cannot satisfy your request.</h1>
+	<p>Reason : ${reason}</p>
+</body>
+</html>
\ No newline at end of file
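Review bot: `${reason}` on the `<p>Reason : …</p>` line is written into the page without HTML escaping, because JSP EL in template text is emitted as-is. The flow sets `reason` from `flowRequestContext.currentTransition` for the 400 case; whether that string can carry request-derived text is not visible here, so escaping at the output is the safer default: add `<%@ taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions" %>` and write `<p>Reason : ${fn:escapeXml(reason)}</p>` (this assumes JSTL is available to the webapp). The same applies with more weight to the hidden inputs in signinresponseform.jsp, where `${fedWCtx}` and `${fedWTrealm}` are copied from the session entries `wctx` and `wtrealm` and land inside attribute values; `htmlEscape="true"` on `<form:form>` does not cover plain `<input>` elements. `${flowExecutionKey}` in signinform.jsp follows the same pattern.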

Added: cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/idp-servlet.xml
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/idp-servlet.xml?rev=1462277&view=auto
==============================================================================
--- cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/idp-servlet.xml (added)
+++ cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/idp-servlet.xml Thu Mar 28 19:53:35 2013
@@ -0,0 +1,74 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<beans xmlns="http://www.springframework.org/schema/beans"
+       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+       xmlns:webflow="http://www.springframework.org/schema/webflow-config"
+       xmlns:p="http://www.springframework.org/schema/p"       
+       xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
+       http://www.springframework.org/schema/webflow-config http://www.springframework.org/schema/webflow-config/spring-webflow-config-2.0.xsd">
+       
+  <bean class="org.springframework.webflow.mvc.servlet.FlowHandlerMapping" 
+  		p:flowRegistry-ref="flowRegistry"
+        p:order="2">
+<!--         <property name="interceptors"> -->
+<!--             <ref local="localeChangeInterceptor" /> -->
+<!--         </property> -->
+    </bean>
+
+    <bean class="org.springframework.webflow.mvc.servlet.FlowHandlerAdapter"
+        p:flowExecutor-ref="flowExecutor" />
+
+    <webflow:flow-executor id="flowExecutor" flow-registry="flowRegistry">
+        <webflow:flow-execution-attributes>
+            <webflow:always-redirect-on-pause value="false" />
+        </webflow:flow-execution-attributes>
+    </webflow:flow-executor>
+
+    <webflow:flow-registry id="flowRegistry" flow-builder-services="builder">
+        <webflow:flow-location path="/WEB-INF/federation-webflow.xml" id="federation" />
+    </webflow:flow-registry>
+
+  <webflow:flow-builder-services id="builder" view-factory-creator="viewFactoryCreator"
+                                 expression-parser="expressionParser"/>
+
+    <bean id="expressionParser" class="org.springframework.webflow.expression.WebFlowOgnlExpressionParser" />
+
+    <bean id="viewFactoryCreator" class="org.springframework.webflow.mvc.builder.MvcViewFactoryCreator">
+        <property name="viewResolvers">
+            <list>
+                <ref local="viewResolver" />
+            </list>
+        </property>
+    </bean>
+
+	<bean id="viewResolver" class="org.springframework.web.servlet.view.InternalResourceViewResolver">
+		<property name="prefix" value="/WEB-INF/"/>
+		<property name="suffix" value=".jsp"/>
+	</bean>
+
+    <bean id="stsClientForIdpAction" class="org.apache.cxf.fediz.service.idp.beans.STSClientAction">
+        <property name="wsdlLocation" value="https://localhost:0/fediz-idp-sts/STSService?wsdl"/>
+        <property name="wsdlEndpoint" value="TransportUT_Port"/>
+        <property name="appliesTo" value="urn:fediz:idp"/>
+        <property name="tokenType" value="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0"/>
+        <property name="claimsRequired" value="true"/>
+    </bean>
+
+	<bean id="stsClientForRpAction" class="org.apache.cxf.fediz.service.idp.beans.STSClientAction">
+		<property name="wsdlLocation" value="https://localhost:9443/fediz-idp-sts/STSServiceTransport?wsdl"/>
+		<property name="wsdlEndpoint" value="Transport_Port"/>
+		<property name="tokenType" value="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0"/>
+		<property name="claimsRequired" value="true"/>
+	</bean>
+
+	<bean id="logoutAction" class="org.apache.cxf.fediz.service.idp.beans.LogoutAction" />
+	
+	<bean id="decodeAuthorizationHeaderAction" class="org.apache.cxf.fediz.service.idp.beans.DecodeAuthorizationHeaderAction" />
+	
+	<bean id="initialFlowSetupAction" class="org.apache.cxf.fediz.service.idp.beans.InitialFlowSetupAction" >
+<!--         <property name="authSupportType" value="FORM" /> -->
+        <property name="authSupportType" value="BASIC" />
+        <property name="idpName" value="LocalIDP" />
+	</bean>
+	
+</beans>
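Review bot: The two STS client beans point at different hard-coded ports: `stsClientForIdpAction` uses `https://localhost:0/fediz-idp-sts/STSService?wsdl` while `stsClientForRpAction` uses `https://localhost:9443/fediz-idp-sts/STSServiceTransport?wsdl`. Port 0 is not a connectable port, so unless `STSClientAction` substitutes the port at runtime (not visible in this hunk) the IDP-token request cannot reach the STS, and the literal 9443 ties the other bean to one deployment. Consider a single externalised value for both, for example `<property name="wsdlLocation" value="${sts.base.url}/STSService?wsdl"/>`, where `sts.base.url` is a constructed placeholder name to be resolved by a property placeholder configurer.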

Modified: cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/signinform.jsp
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/signinform.jsp?rev=1462277&r1=1462276&r2=1462277&view=diff
==============================================================================
--- cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/signinform.jsp (original)
+++ cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/signinform.jsp Thu Mar 28 19:53:35 2013
@@ -1,43 +1,18 @@
-<%@ page import="java.util.Set"%>
-<%@ page import="java.util.HashSet"%>
-<%@ page import="java.lang.reflect.Field"%>
-<%@ page import="org.apache.cxf.fediz.service.idp.FederationFilter"%>
-<%@ page import="org.apache.cxf.fediz.service.idp.HttpFormAuthenticationFilter"%>
-<%@ page import="org.apache.cxf.fediz.service.idp.IdpServlet"%>
-
-<%@ page language="java" contentType="text/html; charset=ISO-8859-1" pageEncoding="ISO-8859-1"%>
-
 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<%@ taglib prefix="spring" uri="http://www.springframework.org/tags" %>
+<%@ taglib prefix="form" uri="http://www.springframework.org/tags/form" %>
 <html>
 <head>
 <title>IDP SignIn Request Form</title>
 </head>
 <body>
-	<form method="POST" name="signinform">
-		<%--
-			Replicating the context.
-		--%>
-		<%
-		Set<String> ctx = new HashSet<String>();
-		Field[] fields = FederationFilter.class.getFields();
-		for (Field f : fields) {
-			if(f.getName().startsWith("PARAM_") && String.class.equals(f.getType())) { 
-				String key = (String) f.get(null);
-				Object value = request.getAttribute(key);
-				if(null != value && value instanceof String) {
-					%>
-		<input type="hidden" name="<%=key%>" value="<%=value%>" readonly="readonly" />
-					<%
-				}
-			}
-		}
-		%>
-		<input type="hidden" name="<%=HttpFormAuthenticationFilter.PARAM_TAG%>" value="<%=HttpFormAuthenticationFilter.PARAM_TAG%>" readonly="readonly" />
-		userid :
-		<input type="text" name="<%=HttpFormAuthenticationFilter.PARAM_USERNAME%>" size="32" /><br />
-		password :
-		<input type="password" name="<%=HttpFormAuthenticationFilter.PARAM_PASSWORD%>" size="32" /><br />
-		<input type="submit" value="Authenticate" />
-	</form>
+	<h1>IDP SignIn Request Form</h1>
+	<form:form method="POST" id="signinform" name="signinform" >
+		<br />
+		userid   : <input type="text" name="username" size="32" /><br />
+		password : <input type="password" name="password" size="32" /><br />
+		<input type="hidden" id="execution" name="execution" value="${flowExecutionKey}"/>
+		<input type="submit" name="_eventId_authenticate" value="Authenticate" /><br />
+	</form:form>
 </body>
 </html>
\ No newline at end of file

Added: cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/signinresponseform.jsp
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/signinresponseform.jsp?rev=1462277&view=auto
==============================================================================
--- cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/signinresponseform.jsp (added)
+++ cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/signinresponseform.jsp Thu Mar 28 19:53:35 2013
@@ -0,0 +1,21 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<%@ taglib prefix="spring" uri="http://www.springframework.org/tags" %>
+<%@ taglib prefix="form" uri="http://www.springframework.org/tags/form" %>
+<html>
+<head>
+<title>IDP SignIn Response Form</title>
+</head>
+<body>
+	<form:form method="POST" id="signinresponseform" name="signinresponseform" action="${fedAction}" htmlEscape="true">
+        <input type="hidden" name="wa" value="wsignin1.0" /><br />
+        <input type="hidden" name="wresult" value="${fedWResult}" /><br />
+        <input type="hidden" name="wctx" value="${fedWCtx}" /><br />
+        <input type="hidden" name="wtrealm" value="${fedWTrealm}" /><br />
+ 		<noscript>
+		<p>Script is disabled. Click Submit to continue.</p>
+		<input type="submit" name="_eventId_submit" value="Submit" /><br />
+		</noscript>
+	</form:form>
+	<script language="javascript">window.setTimeout('document.forms[0].submit()',0);</script>
+</body>
+</html>
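Review bot: The auto-submit line passes a string to `window.setTimeout`, which the browser evaluates as code, and it uses the obsolete `language` attribute. A function argument does the same work without string evaluation, so it keeps working under a Content-Security-Policy that forbids eval-style execution: `<script type="text/javascript">window.setTimeout(function () { document.forms[0].submit(); }, 0);</script>`. The `<br />` elements after the hidden inputs have no visible effect and can be removed.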

Added: cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/signoutresponse.jsp
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/signoutresponse.jsp?rev=1462277&view=auto
==============================================================================
--- cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/signoutresponse.jsp (added)
+++ cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/signoutresponse.jsp Thu Mar 28 19:53:35 2013
@@ -0,0 +1,11 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<%@ taglib prefix="spring" uri="http://www.springframework.org/tags" %>
+<%@ taglib prefix="form" uri="http://www.springframework.org/tags/form" %>
+<html>
+<head>
+<title>IDP SignOut Response Page</title>
+</head>
+<body>
+	<h1>CXF Fediz IDP succesfully logout.</h1>
+</body>
+</html>
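Review bot: The heading text `CXF Fediz IDP succesfully logout.` is misspelled and ungrammatical for a user-facing page; suggest `<h1>You have been logged out of the CXF Fediz IDP.</h1>`. The `spring` and `form` taglib directives are not used on this page and can be dropped.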

Modified: cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/web.xml
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/web.xml?rev=1462277&r1=1462276&r2=1462277&view=diff
==============================================================================
--- cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/web.xml (original)
+++ cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/web.xml Thu Mar 28 19:53:35 2013
@@ -1,285 +1,36 @@
-<web-app xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-	xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
-                      http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
-	version="3.0" metadata-complete="true">
-
-	<description>
-    WS Federation Tomcat Example
-    </description>
-	<display-name>WS Federation Tomcat Example</display-name>
-
-	<filter>
-		<filter-name>FederationFilter</filter-name>
-		<filter-class>org.apache.cxf.fediz.service.idp.FederationFilter</filter-class>
-		<!-- 
-		<init-param>
-			<param-name>pre-state</param-name>
-			<param-value>NOT_AUTHENTICATED</param-value>
-		</init-param>
-		-->
-		<!--
-		<init-param>
-			<param-name>next-state</param-name>
-			<param-value>AUTHENTICATION_REQUIRED</param-value>
-		</init-param>
-		-->
-		<init-param>
-			<param-name>session.token</param-name>
-			<param-value>IDP_TOKEN</param-value>
-		</init-param>		
-		
-	</filter>
-
-	<filter>
-		<filter-name>AuthenticationFilter</filter-name>
-		<filter-class>org.apache.cxf.fediz.service.idp.AuthenticationFilter</filter-class>
-		<init-param>
-			<param-name>pre-state</param-name>
-			<param-value>AUTHENTICATION_REQUIRED</param-value>
-		</init-param>
-	</filter>	
-	
-	<filter>
-		<filter-name>BasicAuthenticationFilter</filter-name>
-		<filter-class>org.apache.cxf.fediz.service.idp.BasicAuthenticationFilter</filter-class>
-		<init-param>
-			<param-name>pre-state</param-name>
-			<param-value>USERNAME_PASSWORD_REQUIRED</param-value>
-		</init-param>
-		<init-param>
-			<param-name>next-state</param-name>
-			<param-value>SECURITY_TOKEN_REQUIRED</param-value>
-		</init-param>		
-	</filter>
-	
-	<filter>
-		<filter-name>FormAuthenticationFilter</filter-name>
-		<filter-class>org.apache.cxf.fediz.service.idp.HttpFormAuthenticationFilter</filter-class>
-		<init-param>
-			<param-name>pre-state</param-name>
-			<param-value>USERNAME_PASSWORD_REQUIRED</param-value>
-		</init-param>
-		<init-param>
-			<param-name>next-state</param-name>
-			<param-value>SECURITY_TOKEN_REQUIRED</param-value>
-		</init-param>		
-	</filter>
-	
-	<filter>
-		<filter-name>STSClientFilterRequestor</filter-name>
-		<filter-class>org.apache.cxf.fediz.service.idp.STSClientFilter</filter-class>
-		<init-param>
-			<param-name>pre-state</param-name>
-			<param-value>SECURITY_TOKEN_REQUIRED</param-value>
-		</init-param>
-		<init-param>
-			<param-name>next-state</param-name>
-			<param-value>SECURITY_TOKEN_REQUIRED</param-value>
-		</init-param>			
-		<init-param>
-			<param-name>sts.wsdl.url</param-name>
-			<param-value>https://localhost:0/fediz-idp-sts/STSService?wsdl</param-value>
-		</init-param>
-		<init-param>
-			<param-name>sts.wsdl.service</param-name>
-			<param-value>SecurityTokenService</param-value>
-		</init-param>
-		<init-param>
-			<param-name>sts.wsdl.endpoint</param-name>
-			<param-value>TransportUT_Port</param-value>
-		</init-param>
-		<init-param>
-			<param-name>sts.auth-type</param-name>
-			<param-value>USERNAME_PASSWORD</param-value>
-		</init-param>		
-		<init-param>
-			<param-name>sts.applies-to</param-name>
-			<param-value>urn:fediz:idp</param-value>
-		</init-param>
-		<init-param>
-			<param-name>token.store.name</param-name>
-			<param-value>IDP_TOKEN</param-value>
-		</init-param>
-		<!--
-		<init-param>
-			<param-name>token.store.session</param-name>
-			<param-value>true</param-value>
-		</init-param>
-		-->
-		<init-param>
-			<param-name>sts.rstr.content-type</param-name>
-			<param-value>TOKEN</param-value>
-		</init-param>	
-		<init-param>
-			<param-name>sts.use.wfresh.for.ttl</param-name>
-			<param-value>true</param-value>
-		</init-param>	
-	</filter>
-	
-	<filter>
-		<filter-name>STSClientFilterRP</filter-name>
-		<filter-class>org.apache.cxf.fediz.service.idp.STSClientFilter</filter-class>
-		<init-param>
-			<param-name>pre-state</param-name>
-			<param-value>SECURITY_TOKEN_REQUIRED</param-value>
-		</init-param>
-		<init-param>
-			<param-name>next-state</param-name>
-			<param-value>AUTHENTICATED</param-value>
-		</init-param>			
-		<init-param>
-			<param-name>sts.wsdl.url</param-name>
-			<param-value>https://localhost:0/fediz-idp-sts/STSServiceTransport?wsdl</param-value>
-		</init-param>
-		<init-param>
-			<param-name>sts.wsdl.service</param-name>
-			<param-value>SecurityTokenService</param-value>
-		</init-param>
-		<init-param>
-			<param-name>sts.wsdl.endpoint</param-name>
-			<param-value>Transport_Port</param-value>
-		</init-param>
-		<init-param>
-			<param-name>sts.auth-type</param-name>
-			<param-value>NONE</param-value>
-		</init-param>
-		<init-param>
-			<param-name>sts.applies-to</param-name>
-			<param-value>$wtrealm</param-value>
-		</init-param>
-		<init-param>
-			<param-name>sts.onbehalfof.token.name</param-name>
-			<param-value>IDP_TOKEN</param-value>
-		</init-param>		
-		<init-param>
-			<param-name>token.store.name</param-name>
-			<param-value>RP_TOKEN</param-value>
-		</init-param>
-		<init-param>
-			<param-name>sts.rstr.content-type</param-name>
-			<param-value>RSTR</param-value>
-		</init-param>		
-		<init-param>
-			<param-name>sts.claims.required</param-name>
-			<param-value>true</param-value>
-		</init-param>
-	</filter>	
-
-	<filter>
-		<filter-name>FederationPostFilter</filter-name>
-		<filter-class>org.apache.cxf.fediz.service.idp.FederationPostFilter</filter-class>
-		<init-param>
-			<param-name>pre-state</param-name>
-			<param-value>AUTHENTICATED</param-value>
-		</init-param>
-		<init-param>
-			<param-name>next-state</param-name>
-			<param-value>AUTHENTICATED</param-value>
-		</init-param>		
-		<init-param>
-			<param-name>token.store.name</param-name>
-			<param-value>RP_TOKEN</param-value>		
-		</init-param>
-	</filter>
-
-	<filter>
-		<filter-name>LogoutFilter</filter-name>
-		<filter-class>org.apache.cxf.fediz.service.idp.LogoutFilter</filter-class>
-		<init-param>
-			<param-name>pre-state</param-name>
-			<param-value>AUTHENTICATED</param-value>
-		</init-param>
-		<init-param>
-			<param-name>logout.uri</param-name>
-			<param-value>logout</param-value>
-		</init-param>
-	</filter>
-	
-	<filter>
-		<filter-name>SessionCacheFilter</filter-name>
-		<filter-class>org.apache.cxf.fediz.service.idp.SessionCacheFilter</filter-class>
-		<init-param>
-			<param-name>pre-state</param-name>
-			<param-value>AUTHENTICATED</param-value>
-		</init-param>
-		<init-param>
-			<param-name>next-state</param-name>
-			<param-value>AUTHENTICATED</param-value>
-		</init-param>		
-		<init-param>
-			<param-name>item1</param-name>
-			<param-value>IDP_PRINCIPAL</param-value>		
-		</init-param>
-		<init-param>
-			<param-name>item2</param-name>
-			<param-value>IDP_TOKEN</param-value>		
-		</init-param>		
-	</filter>	
-
-
-
-	<filter-mapping>
-		<filter-name>FederationFilter</filter-name>
-		<url-pattern>/*</url-pattern>
-	</filter-mapping>
-	
-	<filter-mapping>
-		<filter-name>AuthenticationFilter</filter-name>
-		<url-pattern>/*</url-pattern>
-	</filter-mapping>
-     
-	<filter-mapping>
-		<filter-name>BasicAuthenticationFilter</filter-name>
-		<url-pattern>/*</url-pattern>
-	</filter-mapping>
-	
-	<!-- FORM based authentication -->
-	<!--
-	<filter-mapping>
-		<filter-name>FormAuthenticationFilter</filter-name>
-		<url-pattern>/*</url-pattern>
-	</filter-mapping>
-	-->
-	
-	<filter-mapping>
-		<filter-name>STSClientFilterRequestor</filter-name>
-		<url-pattern>/*</url-pattern>
-	</filter-mapping>
-	
-	<filter-mapping>
-		<filter-name>STSClientFilterRequestor</filter-name>
-                
-		<url-pattern>/*</url-pattern>
-	</filter-mapping>
-	
-	<filter-mapping>
-		<filter-name>STSClientFilterRP</filter-name>
-		<url-pattern>/*</url-pattern>
-	</filter-mapping>
-
-	<filter-mapping>
-		<filter-name>FederationPostFilter</filter-name>
-		<url-pattern>/*</url-pattern>
-	</filter-mapping>
-
-	<filter-mapping>
-		<filter-name>LogoutFilter</filter-name>
-		<url-pattern>/*</url-pattern>
-	</filter-mapping>	
-	
-	<filter-mapping>
-		<filter-name>SessionCacheFilter</filter-name>
-		<url-pattern>/*</url-pattern>
-	</filter-mapping>
-	
-
-	<context-param>
-		<param-name>contextConfigLocation</param-name>
-		<param-value>WEB-INF/applicationContext.xml</param-value>
-	</context-param>
-	<listener>
-		<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
-	</listener>
-
-
-</web-app>
+<web-app xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+	xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
+                      http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
+	version="3.0" metadata-complete="true">
+
+	<description>Fediz IDP</description>
+	<display-name>Fediz IDP</display-name>
+
+	<context-param>
+		<param-name>contextConfigLocation</param-name>
+		<param-value>/WEB-INF/applicationContext.xml</param-value>
+	</context-param>
+
+	<servlet>
+		<servlet-name>idp</servlet-name>
+		<servlet-class>
+			org.springframework.web.servlet.DispatcherServlet
+		</servlet-class>
+		<init-param>
+			<param-name>publishContext</param-name>
+			<param-value>false</param-value>
+		</init-param>
+		<load-on-startup>1</load-on-startup>
+	</servlet>
+	
+	<servlet-mapping>
+		<servlet-name>idp</servlet-name>
+		<url-pattern>/federation</url-pattern>
+	</servlet-mapping>
+
+	<listener>
+		<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
+	</listener>
+
+
+</web-app>
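Review bot: The rewritten web.xml declares no transport guarantee and no session cookie settings, although the servlet mapped at `/federation` collects a username and password (BASIC or the sign-in form) and the flow keeps `wtrealm` and `wctx` in the HTTP session. TLS may be enforced by the container instead, which is not visible here; if it is not, credentials and the session cookie can travel over plain HTTP. Since the descriptor is already `version="3.0"`, a `security-constraint` with `CONFIDENTIAL` and a `cookie-config` with `http-only` and `secure` can be declared in this file.

```xml
<!-- … unchanged: context-param, idp servlet and /federation mapping … -->
	<security-constraint>
		<web-resource-collection>
			<web-resource-name>idp</web-resource-name>
			<url-pattern>/*</url-pattern>
		</web-resource-collection>
		<user-data-constraint>
			<transport-guarantee>CONFIDENTIAL</transport-guarantee>
		</user-data-constraint>
	</security-constraint>

	<session-config>
		<cookie-config>
			<http-only>true</http-only>
			<secure>true</secure>
		</cookie-config>
	</session-config>
<!-- … unchanged: ContextLoaderListener … -->
```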

Modified: cxf/fediz/trunk/services/sts/pom.xml
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/services/sts/pom.xml?rev=1462277&r1=1462276&r2=1462277&view=diff
==============================================================================
--- cxf/fediz/trunk/services/sts/pom.xml (original)
+++ cxf/fediz/trunk/services/sts/pom.xml Thu Mar 28 19:53:35 2013
@@ -68,8 +68,29 @@
                                 </exclusion>
                         </exclusions>
                         -->
+        </dependency>        
+        <dependency>
+            <groupId>org.slf4j</groupId>
+            <artifactId>slf4j-api</artifactId>
+            <version>${slf4j.version}</version>
+            <scope>compile</scope>
         </dependency>
-    </dependencies>
+        <dependency>
+            <groupId>org.slf4j</groupId>
+            <artifactId>slf4j-jdk14</artifactId>
+            <version>${slf4j.version}</version>
+            <scope>runtime</scope>
+        </dependency>
+<!--
+		<dependency>
+			<groupId>org.slf4j</groupId>
+			<artifactId>slf4j-api</artifactId>
+			<version>${slf4j.version}</version>
+			<scope>provided</scope>
+		</dependency>
+-->
+   </dependencies>
+
     <build>
         <plugins>
             <!--

Modified: cxf/fediz/trunk/services/sts/src/main/resources/log4j.properties
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/services/sts/src/main/resources/log4j.properties?rev=1462277&r1=1462276&r2=1462277&view=diff
==============================================================================
--- cxf/fediz/trunk/services/sts/src/main/resources/log4j.properties (original)
+++ cxf/fediz/trunk/services/sts/src/main/resources/log4j.properties Thu Mar 28 19:53:35 2013
@@ -1,6 +1,6 @@
 # Set root category priority to INFO and its only appender to CONSOLE.
-log4j.rootCategory=FATAL, CONSOLE
-#log4j.rootCategory=DEBUG, CONSOLE
+#log4j.rootCategory=FATAL, CONSOLE
+log4j.rootCategory=DEBUG, CONSOLE
 
 # CONSOLE is set to be a ConsoleAppender using a PatternLayout.
 log4j.appender.CONSOLE=org.apache.log4j.ConsoleAppender
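Review bot: `log4j.rootCategory=DEBUG, CONSOLE` turns on DEBUG for every logger in the STS, which looks like a debugging setting carried over from the branch. At that level the libraries behind a token service may write message contents to the console log, possibly including credentials and issued tokens (inferred; what is logged depends on the libraries in use). The comment above the line still says INFO. Suggest `log4j.rootCategory=INFO, CONSOLE` with DEBUG enabled only for the packages under investigation; the same applies to `java.util.logging.ConsoleHandler.level = FINEST` in logging.properties, whose comment still says WARNING and above.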

Modified: cxf/fediz/trunk/services/sts/src/main/resources/logging.properties
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/services/sts/src/main/resources/logging.properties?rev=1462277&r1=1462276&r2=1462277&view=diff
==============================================================================
--- cxf/fediz/trunk/services/sts/src/main/resources/logging.properties (original)
+++ cxf/fediz/trunk/services/sts/src/main/resources/logging.properties Thu Mar 28 19:53:35 2013
@@ -38,10 +38,10 @@ java.util.logging.FileHandler.count = 1
 java.util.logging.FileHandler.formatter = java.util.logging.XMLFormatter
 
 # Limit the message that are printed on the console to WARNING and above.
-java.util.logging.ConsoleHandler.level = INFO
+java.util.logging.ConsoleHandler.level = FINEST
+java.util.logging.SimpleFormatter.format="STS %1$tc %2$s%n%4$s: %5$s%6$s%n"
 java.util.logging.ConsoleHandler.formatter = java.util.logging.SimpleFormatter
 
-
 ############################################################
 # Facility specific properties.
 # Provides extra control for each logger.
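Review bot: The value of `java.util.logging.SimpleFormatter.format` is wrapped in double quotes, and a properties file keeps quotes as part of the value, so each log record would be printed with a literal `"` before `STS` and another after the final newline. Drop the quotes: `java.util.logging.SimpleFormatter.format=STS %1$tc %2$s%n%4$s: %5$s%6$s%n`.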
@@ -50,3 +50,4 @@ java.util.logging.ConsoleHandler.formatt
 # For example, set the com.xyz.foo logger to only log SEVERE
 # messages:
 #com.xyz.foo.level = SEVERE
+org.apache.cxf.fediz.service.sts.level = FINE

Modified: cxf/fediz/trunk/services/sts/src/main/webapp/WEB-INF/cxf-transport.xml
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/services/sts/src/main/webapp/WEB-INF/cxf-transport.xml?rev=1462277&r1=1462276&r2=1462277&view=diff
==============================================================================
--- cxf/fediz/trunk/services/sts/src/main/webapp/WEB-INF/cxf-transport.xml (original)
+++ cxf/fediz/trunk/services/sts/src/main/webapp/WEB-INF/cxf-transport.xml Thu Mar 28 19:53:35 2013
@@ -121,7 +121,7 @@
 		<property name="issuer" value="DoubleItSTSIssuer" />
 		<property name="encryptionUsername" value="myservicekey" />
 	</bean>
-
+    
 	<jaxws:endpoint id="transportSTS1" implementor="#transportSTSProviderBean"
 		address="/STSService" wsdlLocation="/WEB-INF/wsdl/ws-trust-1.4-service.wsdl"
 		xmlns:ns1="http://docs.oasis-open.org/ws-sx/ws-trust/200512/"


