cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From owu...@apache.org
Subject svn commit: r1519224 - in /cxf/fediz/trunk: BUILDING.txt examples/README.txt examples/spring2Webapp/README.txt examples/springWebapp/README.txt plugins/spring/README.txt plugins/spring2/README.txt services/sts/README.txt
Date Sat, 31 Aug 2013 21:14:46 GMT
Author: owulff
Date: Sat Aug 31 21:14:46 2013
New Revision: 1519224

URL: http://svn.apache.org/r1519224
Log:
readme updated

Modified:
    cxf/fediz/trunk/BUILDING.txt
    cxf/fediz/trunk/examples/README.txt
    cxf/fediz/trunk/examples/spring2Webapp/README.txt
    cxf/fediz/trunk/examples/springWebapp/README.txt
    cxf/fediz/trunk/plugins/spring/README.txt
    cxf/fediz/trunk/plugins/spring2/README.txt
    cxf/fediz/trunk/services/sts/README.txt

Modified: cxf/fediz/trunk/BUILDING.txt
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/BUILDING.txt?rev=1519224&r1=1519223&r2=1519224&view=diff
==============================================================================
--- cxf/fediz/trunk/BUILDING.txt (original)
+++ cxf/fediz/trunk/BUILDING.txt Sat Aug 31 21:14:46 2013
@@ -38,15 +38,35 @@ Source Directory structure
 
  + plugins               contains the sources of the Federation plugin
       + core             the core module contains the majority of functionality which is
Servlet container agnostic
-      + tomcat           the Tomcat module is the bridge of the core to the Tomcat specific
security engine
+      + tomcat           the Tomcat module is the bridge of the core to the
+                           Tomcat specific security engine (container managed)
+      + jetty            the Jetty module is the bridge of the core to the
+                           Jetty specific security engine (container managed)
+      + spring           the Spring module is the brige of the core to the
+                           Spring Security 3 specific security engine (application managed)
+      + spring2          the Spring2 module is the bridge of the core to the
+                           Spring Security 2 specific security engine (application managed)
+      + websphere        the IBM Websphere module is the bridge of the core to the
+                           IBM Websphere specific security engine (container managed)
 
  + services              contains the sources of the Identity Provider
       + sts              the STS module contains the configured CXF STS which supports the
Federation use cases
       + idp              the IDP module is the bridge of the STS to a WS-Trust/SOAP unaware
browser
 
  + examples
-      + simpleWebapp     this example shows how to protect a simple web application using
the Fediz plugin
-      + wsclientWebapp   this example shows how a protected web application calls a web service
protected by the STS
-           + webapp      contains the web application
-           + webservice  contains the web services implementation
+      + simpleWebapp          this example shows how to protect a simple web application
using
+                                the Fediz plugin which is configured on the container level
+      + springPreAuthWebapp   this example shows how to protect a simple web application
using
+                                the Fediz plugin which is configured at the container level
+                                and creates the spring security context to use spring security
features
+                                for authorization like annotations, spring security configuration,
etc.
+      + springWebapp          this example shows how to protect a simple web application
using
+                                the Fediz plugin which is configured within the application
in
+                                the Spring Security 3 configuration
+      + spring2Webapp         this example shows how to protect a simple web application
using
+                                the Fediz plugin which is configured within the application
in
+                                the Spring Security 2 configuration
+      + wsclientWebapp        this example shows how a protected web application calls a
web service protected by the STS
+           + webapp           contains the web application
+           + webservice       contains the web services implementation
 

Modified: cxf/fediz/trunk/examples/README.txt
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/examples/README.txt?rev=1519224&r1=1519223&r2=1519224&view=diff
==============================================================================
--- cxf/fediz/trunk/examples/README.txt (original)
+++ cxf/fediz/trunk/examples/README.txt Sat Aug 31 21:14:46 2013
@@ -19,10 +19,7 @@ each sample, follow the READMEs located 
 examples.  Either the WAR can be manually copied to your servlet
 container's war deployment directory (webapps by default with Tomcat)
 or the Tomcat Maven Plugin (http://tomcat.apache.org/maven-plugin.html) 
-can be used to auto-install the WAR onto Tomcat.  Note if you're using
-this plugin with Tomcat 6 instead of Tomcat 7, change the 
-tomcat-maven-plugin URLs in the service/pom.xml files to 
-"http://localhost:{port}/manager" (instead of ".../manager/text").
+can be used to auto-install the WAR onto Tomcat.
 
 To be able to run the Maven "mvn" command from any folder, be
 sure to add the MAVEN_HOME/bin directory to your system PATH

Modified: cxf/fediz/trunk/examples/spring2Webapp/README.txt
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/examples/spring2Webapp/README.txt?rev=1519224&r1=1519223&r2=1519224&view=diff
==============================================================================
--- cxf/fediz/trunk/examples/spring2Webapp/README.txt (original)
+++ cxf/fediz/trunk/examples/spring2Webapp/README.txt Sat Aug 31 21:14:46 2013
@@ -1,8 +1,13 @@
 Simple Spring Web Application Demo
 ==================================
 
-This demo shows how to build and deploy an SSO protected using Apache CXF Fediz
-for a spring security based web application.
+This demo shows how to build and deploy an SSO protected web application
+using Apache CXF Fediz. The web application uses spring security 2 for
+authentication and authorization natively which provides a richer security
+API and configuration than the Java Servlet API.
+
+If you still want to enforce security on the container level but want to use
+spring security's features the demo 'springPreAuthWebapp' illustrates that.
 
 Running this sample consists of four steps:
 
@@ -21,10 +26,10 @@ http://cxf.apache.org/fediz-idp.html.  C
 checking that the WSDL is viewable from the browser using the URL given
 on that page--don't proceed further unless it is.
 
-The benefit of using Spring Security which is packaged with the demo application
+The benefit of using Spring Security 2 which is packaged with the demo application
 there are no plugin deployments required for the RP Servlet Container. 
 See this wiki page for instructions:
-http://cxf.apache.org/fediz-spring.html -- the "HTTPS Configuration" sections
+http://cxf.apache.org/fediz-spring-2.html -- the "HTTPS Configuration" sections
 are the only parts that need configuration for this sample. 
 
 
@@ -32,7 +37,7 @@ Demo Web Application
 --------------------
 The main code lives in the class FederationServlet. This Servlet is protected
 and can be accessed only if the browser user is authenticated. The purpose of
-the FederationServlet is to illustrate the usage of the Spring Security API and
+the FederationServlet is to illustrate the usage of the Spring Security 2 API and
 Configuration to get the authenticated user and to check the roles he has. Further, 
 the FederationServlet shows how to access claims data (user data) which were 
 stored in the SAML token by using the Fediz interface FederationPrincipal.

Modified: cxf/fediz/trunk/examples/springWebapp/README.txt
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/examples/springWebapp/README.txt?rev=1519224&r1=1519223&r2=1519224&view=diff
==============================================================================
--- cxf/fediz/trunk/examples/springWebapp/README.txt (original)
+++ cxf/fediz/trunk/examples/springWebapp/README.txt Sat Aug 31 21:14:46 2013
@@ -1,8 +1,13 @@
 Simple Spring Web Application Demo
 ==================================
 
-This demo shows how to build and deploy an SSO protected using Apache CXF Fediz
-for a spring security based web application.
+This demo shows how to build and deploy an SSO protected web application
+using Apache CXF Fediz. The web application uses spring security for
+authentication and authorization natively which provides a richer security
+API and configuration than the Java Servlet API.
+
+If you still want to enforce security on the container level but want to use
+spring security's features the demo 'springPreAuthWebapp' illustrates that.
 
 Running this sample consists of four steps:
 

Modified: cxf/fediz/trunk/plugins/spring/README.txt
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/plugins/spring/README.txt?rev=1519224&r1=1519223&r2=1519224&view=diff
==============================================================================
--- cxf/fediz/trunk/plugins/spring/README.txt (original)
+++ cxf/fediz/trunk/plugins/spring/README.txt Sat Aug 31 21:14:46 2013
@@ -7,7 +7,14 @@ It's recommended to use HTTPS to avoid s
 Please check your Servlet Container documentation how to set it up.
 
 Please check the Spring Security example to get more information how to deploy a web application
-using Spring Security.
+using Spring Security 3.
+
+The following wiki page explains how to configure the Fediz Spring plugin in your application:
+http://cxf.apache.org/fediz-spring.html
 
 The following wiki page explains the fediz configuration which is Container independent:
 http://cxf.apache.org/fediz-configuration.html
+
+Note: The Fediz Spring plugin is packaged with your application.
+Thus it's recommended to package it with the application
+using Apache Maven.

Modified: cxf/fediz/trunk/plugins/spring2/README.txt
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/plugins/spring2/README.txt?rev=1519224&r1=1519223&r2=1519224&view=diff
==============================================================================
--- cxf/fediz/trunk/plugins/spring2/README.txt (original)
+++ cxf/fediz/trunk/plugins/spring2/README.txt Sat Aug 31 21:14:46 2013
@@ -1,13 +1,20 @@
-Fediz configuration for Spring Security
----------------------------------------
+Fediz configuration for Spring Security 2.0
+-------------------------------------------
 
 The Servlet Container installation doesn't have to be updated before a Web Application can
be deployed.
 
 It's recommended to use HTTPS to avoid sending tokens/cookies in clear text on the network.
 Please check your Servlet Container documentation how to set it up.
 
-Please check the Spring Security example to get more information how to deploy a web application
+Please check the Spring Security 2 example to get more information how to deploy a web application
 using Spring Security.
 
+The following wiki page explains how to configure the Fediz Spring plugin in your application:
+http://cxf.apache.org/fediz-spring-2.html
+
 The following wiki page explains the fediz configuration which is Container independent:
 http://cxf.apache.org/fediz-configuration.html
+
+Note: The Fediz Spring plugin is packaged with your application.
+Thus it's recommended to package it with the application
+using Apache Maven.

Modified: cxf/fediz/trunk/services/sts/README.txt
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/services/sts/README.txt?rev=1519224&r1=1519223&r2=1519224&view=diff
==============================================================================
--- cxf/fediz/trunk/services/sts/README.txt (original)
+++ cxf/fediz/trunk/services/sts/README.txt Sat Aug 31 21:14:46 2013
@@ -1,6 +1,5 @@
-Build the STS
-----------------------------
-
+Building and Installating the STS
+=================================
 
 STS with LDAP backend
 ---------------------
@@ -17,11 +16,11 @@ mvn clean install -Prealms
 
 Proceed with the following steps to update the signing certificates:
 
-keytool -genkeypair -validity 3600 -alias realma -keystore stsrealm_a.jks -dname "cn=REALMA"
-keypass realma -storepass storepass
+keytool -genkeypair -keyalg RSA -validity 3600 -alias realma -keystore stsrealm_a.jks -dname
"cn=REALMA" -keypass realma -storepass storepass
 keytool -keystore stsrealm_a.jks -storepass storepass -export -alias realma -file realma.cert
 
 
-keytool -genkeypair -validity 3600 -alias realmb -keystore stsrealm_b.jks -dname "cn=REALMB"
-keypass realmb -storepass storepass
+keytool -genkeypair -keyalg RSA  -validity 3600 -alias realmb -keystore stsrealm_b.jks -dname
"cn=REALMB" -keypass realmb -storepass storepass
 keytool -keystore stsrealm_b.jks -storepass storepass -export -alias realmb -file realmb.cert
 
 keytool -import -trustcacerts -keystore ststrust.jks -storepass storepass -alias realma -file
realma.cert -noprompt



Mime
View raw message