cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From build...@apache.org
Subject svn commit: r912827 - in /websites/production/cxf/content: cache/main.pageCache fediz-downloads.html fediz.html
Date Tue, 17 Jun 2014 09:46:53 GMT
Author: buildbot
Date: Tue Jun 17 09:46:53 2014
New Revision: 912827

Log:
Production update by buildbot for cxf

Modified:
    websites/production/cxf/content/cache/main.pageCache
    websites/production/cxf/content/fediz-downloads.html
    websites/production/cxf/content/fediz.html

Modified: websites/production/cxf/content/cache/main.pageCache
==============================================================================
Binary files - no diff available.

Modified: websites/production/cxf/content/fediz-downloads.html
==============================================================================
--- websites/production/cxf/content/fediz-downloads.html (original)
+++ websites/production/cxf/content/fediz-downloads.html Tue Jun 17 09:46:53 2014
@@ -108,71 +108,23 @@ Apache CXF -- Fediz Downloads
          <td height="100%">
            <!-- Content -->
            <div class="wiki-content">
-<div id="ConfluenceContent"><h1 id="FedizDownloads-Releases">Releases</h1>
-
-<h2 id="FedizDownloads-1.1.0">1.1.0</h2>
-<p>The 1.1.0 release is our latest release. For more information please see the <a
shape="rect" class="external-link" href="http://svn.apache.org/viewvc/cxf/fediz/tags/fediz-1.1.0/release_notes.txt?view=markup">release
notes</a> and the <a shape="rect" href="migration-guide-11.html">migration guide</a>.</p>
-<div class="table-wrap"><table class="confluenceTable"><tbody><tr><th
colspan="1" rowspan="1" class="confluenceTh"><p>Description</p></th><th
colspan="1" rowspan="1" class="confluenceTh"><p>File</p></th><th colspan="1"
rowspan="1" class="confluenceTh"><p>MD5</p></th><th colspan="1" rowspan="1"
class="confluenceTh"><p>SHA1</p></th><th colspan="1" rowspan="1" class="confluenceTh"><p>PGP</p></th></tr><tr><td
colspan="1" rowspan="1" class="confluenceTd"><p>Binary distribution</p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><a shape="rect" class="external-link"
href="http://www.apache.org/dyn/closer.cgi?path=/cxf/fediz/1.1.0/apache-fediz-1.1.0.zip">apache-fediz-1.1.0.zip</a></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><a shape="rect" class="external-link"
href="http://www.apache.org/dist/cxf/fediz/1.1.0/apache-fediz-1.1.0.zip.md5">apache-fediz-1.1.0.zip.md5</a></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><a shape="rect" class="external-link"
hr
 ef="http://www.apache.org/dist/cxf/fediz/1.1.0/apache-fediz-1.1.0.zip.sha1">apache-fediz-1.1.0.zip.sha1</a></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><a shape="rect" class="external-link"
href="http://www.apache.org/dist/cxf/fediz/1.1.0/apache-fediz-1.1.0.zip.asc">apache-fediz-1.1.0.zip.asc</a></p></td></tr><tr><td></td></tr><tr><td
colspan="1" rowspan="1" class="confluenceTd"><p>Source distribution</p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><a shape="rect" class="external-link"
href="http://www.apache.org/dyn/closer.cgi?path=/cxf/fediz/1.1.0/fediz-1.1.0-source-release.zip">fediz-1.1.0-source-release.zip</a></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><a shape="rect" class="external-link"
href="http://www.apache.org/dist/cxf/fediz/1.1.0/fediz-1.1.0-source-release.zip.md5">fediz-1.1.0-source-release.zip.md5</a></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><a shape="rect" class="external-link"
href="http://www.apache.or
 g/dist/cxf/fediz/1.1.0/fediz-1.1.0-source-release.zip.sha1">fediz-1.1.0-source-release.zip.sha1</a></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><a shape="rect" class="external-link"
href="http://www.apache.org/dist/cxf/fediz/1.1.0/fediz-1.1.0-source-release.zip.asc">fediz-1.1.0-source-release.zip.asc</a></p></td></tr><tr><td></td></tr></tbody></table></div>
-
-
-<h2 id="FedizDownloads-1.0.3">1.0.3</h2>
-<p>The 1.0.3 release is our latest patch release for 1.0. For more information please
see the <a shape="rect" class="external-link" href="http://svn.apache.org/viewvc/cxf/fediz/tags/fediz-1.0.3/release_notes.txt?view=markup">release
notes</a>.</p>
-
-<div class="table-wrap"><table class="confluenceTable"><tbody><tr><th
colspan="1" rowspan="1" class="confluenceTh"><p>Description</p></th><th
colspan="1" rowspan="1" class="confluenceTh"><p>File</p></th><th colspan="1"
rowspan="1" class="confluenceTh"><p>MD5</p></th><th colspan="1" rowspan="1"
class="confluenceTh"><p>SHA1</p></th><th colspan="1" rowspan="1" class="confluenceTh"><p>PGP</p></th></tr><tr><td
colspan="1" rowspan="1" class="confluenceTd"><p>Binary distribution</p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><a shape="rect" class="external-link"
href="http://www.apache.org/dyn/closer.cgi?path=/cxf/fediz/1.0.3/apache-fediz-1.0.3.zip">apache-fediz-1.0.3.zip</a></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><a shape="rect" class="external-link"
href="http://www.apache.org/dist/cxf/fediz/1.0.3/apache-fediz-1.0.3.zip.md5">apache-fediz-1.0.3.zip.md5</a></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><a shape="rect" class="external-link"
hr
 ef="http://www.apache.org/dist/cxf/fediz/1.0.3/apache-fediz-1.0.3.zip.sha1">apache-fediz-1.0.3.zip.sha1</a></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><a shape="rect" class="external-link"
href="http://www.apache.org/dist/cxf/fediz/1.0.3/apache-fediz-1.0.3.zip.asc">apache-fediz-1.0.3.zip.asc</a></p></td></tr><tr><td></td></tr><tr><td
colspan="1" rowspan="1" class="confluenceTd"><p>Source distribution</p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><a shape="rect" class="external-link"
href="http://www.apache.org/dyn/closer.cgi?path=/cxf/fediz/1.0.3/fediz-1.0.3-source-release.zip">fediz-1.0.3-source-release.zip</a></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><a shape="rect" class="external-link"
href="http://www.apache.org/dist/cxf/fediz/1.0.3/fediz-1.0.3-source-release.zip.md5">fediz-1.0.3-source-release.zip.md5</a></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><a shape="rect" class="external-link"
href="http://www.apache.or
 g/dist/cxf/fediz/1.0.3/fediz-1.0.3-source-release.zip.sha1">fediz-1.0.3-source-release.zip.sha1</a></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><a shape="rect" class="external-link"
href="http://www.apache.org/dist/cxf/fediz/1.0.3/fediz-1.0.3-source-release.zip.asc">fediz-1.0.3-source-release.zip.asc</a></p></td></tr><tr><td></td></tr></tbody></table></div>
-
-
-<h2 id="FedizDownloads-VerifyingReleases">Verifying Releases</h2>
-<p>When downloading from a mirror please check the MD5 and SHA1 checksums as well as
verifying the OpenPGP compatible signature available from the main Apache site. The <a
shape="rect" class="external-link" href="http://www.apache.org/dist/cxf/KEYS">KEYS</a>
file contains the public keys used for signing release. It is recommended that a web of trust
is used to confirm the identity of these keys.</p>
-
-<p>You can check the OpenPGP signature with:</p>
-<div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent
pdl">
-<script class="theme: Default; brush: java; gutter: false" type="syntaxhighlighter"><![CDATA[
-gpg --verify apache-fediz-*.zip.asc
+<div id="ConfluenceContent"><h1 id="FedizDownloads-Releases">Releases</h1><h2
id="FedizDownloads-1.1.1">1.1.1</h2><p>The 1.1.1 release is our latest release.
For more information please see the <a shape="rect" class="external-link" href="https://git-wip-us.apache.org/repos/asf?p=cxf-fediz.git;a=blob_plain;f=release_notes.txt;hb=5500f3cbf061b8f5b2d763e020df35516823d4e6">release
notes</a> and the <a shape="rect" href="migration-guide-11.html">migration guide</a>.</p><div
class="table-wrap"><table class="confluenceTable"><tbody><tr><th colspan="1"
rowspan="1" class="confluenceTh"><p>Description</p></th><th colspan="1"
rowspan="1" class="confluenceTh"><p>File</p></th><th colspan="1" rowspan="1"
class="confluenceTh"><p>MD5</p></th><th colspan="1" rowspan="1" class="confluenceTh"><p>SHA1</p></th><th
colspan="1" rowspan="1" class="confluenceTh"><p>PGP</p></th></tr><tr><td
colspan="1" rowspan="1" class="confluenceTd"><p>Binary distribution</p></td><td
colspan="1" rowspan="1" class="confluen
 ceTd"><p><a shape="rect" class="external-link" href="http://www.apache.org/dyn/closer.cgi?path=/cxf/fediz/1.1.1/apache-fediz-1.1.1.zip">apache-fediz-1.1.1.zip</a></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><a shape="rect" class="external-link"
href="http://www.apache.org/dist/cxf/fediz/1.1.1/apache-fediz-1.1.1.zip.md5">apache-fediz-1.1.1.zip.md5</a></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><a shape="rect" class="external-link"
href="http://www.apache.org/dist/cxf/fediz/1.1.1/apache-fediz-1.1.1.zip.sha1">apache-fediz-1.1.1.zip.sha1</a></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><a shape="rect" class="external-link"
href="http://www.apache.org/dist/cxf/fediz/1.1.1/apache-fediz-1.1.1.zip.asc">apache-fediz-1.1.1.zip.asc</a></p></td></tr><tr><td
colspan="1" rowspan="1" class="confluenceTd"><p>Source distribution</p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><a shape="rect" class="external-link"
href="http://www.apache.org
 /dyn/closer.cgi?path=/cxf/fediz/1.1.1/fediz-1.1.1-source-release.zip">fediz-1.1.1-source-release.zip</a></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><a shape="rect" class="external-link"
href="http://www.apache.org/dist/cxf/fediz/1.1.1/fediz-1.1.1-source-release.zip.md5">fediz-1.1.1-source-release.zip.md5</a></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><a shape="rect" class="external-link"
href="http://www.apache.org/dist/cxf/fediz/1.1.1/fediz-1.1.1-source-release.zip.sha1">fediz-1.1.1-source-release.zip.sha1</a></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><a shape="rect" class="external-link"
href="http://www.apache.org/dist/cxf/fediz/1.1.1/fediz-1.1.1-source-release.zip.asc">fediz-1.1.1-source-release.zip.asc</a></p></td></tr></tbody></table></div><h2
id="FedizDownloads-1.0.4">1.0.4</h2><p>The 1.0.4 release is our latest patch
release for 1.0. For more information please see the <a shape="rect" class="external-link"
href="https://git
 -wip-us.apache.org/repos/asf?p=cxf-fediz.git;a=blob_plain;f=release_notes.txt;hb=22686242998f89d6bbc0e96167eed1453c5350e6">release
notes</a>.</p><div class="table-wrap"><table class="confluenceTable"><tbody><tr><th
colspan="1" rowspan="1" class="confluenceTh"><p>Description</p></th><th
colspan="1" rowspan="1" class="confluenceTh"><p>File</p></th><th colspan="1"
rowspan="1" class="confluenceTh"><p>MD5</p></th><th colspan="1" rowspan="1"
class="confluenceTh"><p>SHA1</p></th><th colspan="1" rowspan="1" class="confluenceTh"><p>PGP</p></th></tr><tr><td
colspan="1" rowspan="1" class="confluenceTd"><p>Binary distribution</p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><a shape="rect" class="external-link"
href="http://www.apache.org/dyn/closer.cgi?path=/cxf/fediz/1.0.4/apache-fediz-1.0.4.zip">apache-fediz-1.0.4.zip</a></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><a shape="rect" class="external-link"
href="http://www.apache.org/dist/cxf/fediz/1.0.4/apache-fediz-1
 .0.4.zip.md5">apache-fediz-1.0.4.zip.md5</a></p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p><a shape="rect" class="external-link" href="http://www.apache.org/dist/cxf/fediz/1.0.4/apache-fediz-1.0.4.zip.sha1">apache-fediz-1.0.4.zip.sha1</a></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><a shape="rect" class="external-link"
href="http://www.apache.org/dist/cxf/fediz/1.0.4/apache-fediz-1.0.4.zip.asc">apache-fediz-1.0.4.zip.asc</a></p></td></tr><tr><td
colspan="1" rowspan="1" class="confluenceTd"><p>Source distribution</p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><a shape="rect" class="external-link"
href="http://www.apache.org/dyn/closer.cgi?path=/cxf/fediz/1.0.4/fediz-1.0.4-source-release.zip">fediz-1.0.4-source-release.zip</a></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><a shape="rect" class="external-link"
href="http://www.apache.org/dist/cxf/fediz/1.0.4/fediz-1.0.4-source-release.zip.md5">fediz-1.0.4-source-release.zip.md5</
 a></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><a
shape="rect" class="external-link" href="http://www.apache.org/dist/cxf/fediz/1.0.4/fediz-1.0.4-source-release.zip.sha1">fediz-1.0.4-source-release.zip.sha1</a></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><a shape="rect" class="external-link"
href="http://www.apache.org/dist/cxf/fediz/1.0.4/fediz-1.0.4-source-release.zip.asc">fediz-1.0.4-source-release.zip.asc</a></p></td></tr></tbody></table></div><h2
id="FedizDownloads-VerifyingReleases">Verifying Releases</h2><p>When downloading
from a mirror please check the MD5 and SHA1 checksums as well as verifying the OpenPGP compatible
signature available from the main Apache site. The <a shape="rect" class="external-link"
href="http://www.apache.org/dist/cxf/KEYS">KEYS</a> file contains the public keys
used for signing release. It is recommended that a web of trust is used to confirm the identity
of these keys.</p><p>You can check the OpenPGP signature with:<
 /p><div class="code panel pdl" style="border-width: 1px;"><div class="codeContent
panelContent pdl">
+<script class="theme: Default; brush: java; gutter: false" type="syntaxhighlighter"><![CDATA[gpg
--verify apache-fediz-*.zip.asc
 ]]></script>
-</div></div>
-
-<p>You can check the MD5 checksum with:</p>
-<div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent
pdl">
-<script class="theme: Default; brush: java; gutter: false" type="syntaxhighlighter"><![CDATA[
-md5sum --check apache-fediz-*.zip.md5
+</div></div><p>You can check the MD5 checksum with:</p><div class="code
panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
+<script class="theme: Default; brush: java; gutter: false" type="syntaxhighlighter"><![CDATA[md5sum
--check apache-fediz-*.zip.md5
 ]]></script>
-</div></div>
-
-<p>You can check the SHA1 checksum with:</p>
-<div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent
pdl">
-<script class="theme: Default; brush: java; gutter: false" type="syntaxhighlighter"><![CDATA[
-sha1sum --check apache-fediz-*.zip.sha1
+</div></div><p>You can check the SHA1 checksum with:</p><div class="code
panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
+<script class="theme: Default; brush: java; gutter: false" type="syntaxhighlighter"><![CDATA[sha1sum
--check apache-fediz-*.zip.sha1
 ]]></script>
-</div></div>
-
-<h1 id="FedizDownloads-Previousreleases">Previous releases</h1>
-
-<p>Previous releases are all archived in the apache archive: <a shape="rect" class="external-link"
href="http://archive.apache.org/dist/cxf/fediz">http://archive.apache.org/dist/cxf/fediz</a></p>
-
-<h1 id="FedizDownloads-Snapshots">Snapshots</h1>
-
-    <div class="aui-message hint shadowed information-macro">
+</div></div><h1 id="FedizDownloads-Previousreleases">Previous releases</h1><p>Previous
releases are all archived in the apache archive: <a shape="rect" class="external-link"
href="http://archive.apache.org/dist/cxf/fediz">http://archive.apache.org/dist/cxf/fediz</a></p><h1
id="FedizDownloads-Snapshots">Snapshots</h1>    <div class="aui-message hint shadowed
information-macro">
                     <p class="title">Warning about snapshots</p>
                             <span class="aui-icon icon-hint">Icon</span>
                 <div class="message-content">
-                            
-<p>These are snapshot builds - untested builds provided for your convenience. They
have not been tested, and are not official releases of the Apache CXF Fediz project or the
Apache Software Foundation. </p>
+                            <p>These are snapshot builds - untested builds provided
for your convenience. They have not been tested, and are not official releases of the Apache
CXF Fediz project or the Apache Software Foundation.</p>
                     </div>
     </div>
-
-
-<p>1.1.1 <a shape="rect" class="external-link" href="https://repository.apache.org/content/groups/snapshots/org/apache/cxf/fediz/apache-fediz/1.1.1-SNAPSHOT/">https://repository.apache.org/content/groups/snapshots/org/apache/cxf/fediz/apache-fediz/1.1.1-SNAPSHOT/</a></p>
-
-<p>1.0.4 <a shape="rect" class="external-link" href="https://repository.apache.org/content/groups/snapshots/org/apache/cxf/fediz/apache-fediz/1.0.4-SNAPSHOT/">https://repository.apache.org/content/groups/snapshots/org/apache/cxf/fediz/apache-fediz/1.0.4-SNAPSHOT/</a></p>
-
-<h1 id="FedizDownloads-Maven2Repositories">Maven 2 Repositories</h1>
-<p>If you use Maven 2 for building your applications, Apache CXF Fediz artifacts are
available from the following repository URLS:</p>
-
-<h3 id="FedizDownloads-Releases:">Releases:</h3>
-<p>All supported CXF releases are synced into the Maven central repository: <a shape="rect"
class="external-link" href="http://repo1.maven.org/maven2/" rel="nofollow">http://repo1.maven.org/maven2/</a></p>
-
-<h3 id="FedizDownloads-Snapshots:">Snapshots:</h3>
-<p>Snapshots are available in Apache's Maven snapshot repository: <a shape="rect"
class="external-link" href="http://repository.apache.org/snapshots">http://repository.apache.org/snapshots</a></p></div>
+<p>1.1.2 <a shape="rect" class="external-link" href="https://repository.apache.org/content/groups/snapshots/org/apache/cxf/fediz/apache-fediz/1.1.1-SNAPSHOT/">https://repository.apache.org/content/groups/snapshots/org/apache/cxf/fediz/apache-fediz/1.1.2-SNAPSHOT/</a></p><h1
id="FedizDownloads-Maven2Repositories">Maven 2 Repositories</h1><p>If you use
Maven 2 for building your applications, Apache CXF Fediz artifacts are available from the
following repository URLS:</p><h3 id="FedizDownloads-Releases:">Releases:</h3><p>All
supported CXF releases are synced into the Maven central repository: <a shape="rect" class="external-link"
href="http://repo1.maven.org/maven2/" rel="nofollow">http://repo1.maven.org/maven2/</a></p><h3
id="FedizDownloads-Snapshots:">Snapshots:</h3><p>Snapshots are available in
Apache's Maven snapshot repository: <a shape="rect" class="external-link" href="http://repository.apache.org/snapshots">http://repository.apache.org/snapshots</a></p></div>
            </div>
            <!-- Content -->
          </td>

Modified: websites/production/cxf/content/fediz.html
==============================================================================
--- websites/production/cxf/content/fediz.html (original)
+++ websites/production/cxf/content/fediz.html Tue Jun 17 09:46:53 2014
@@ -99,7 +99,7 @@ Apache CXF -- Fediz
          <td height="100%">
            <!-- Content -->
            <div class="wiki-content">
-<div id="ConfluenceContent"><h1 id="Fediz-ApacheCXFFediz:AnOpen-SourceWebSecurityFramework">Apache
CXF Fediz: An Open-Source Web Security Framework</h1><h2 id="Fediz-Overview">Overview</h2><p>Apache
CXF Fediz is a subproject of CXF. Fediz helps you to secure your web applications and delegates
security enforcement to the underlying application server. With Fediz, authentication is externalized
from your web application to an identity provider installed as a dedicated server component.
The supported standard is <a shape="rect" class="external-link" href="http://docs.oasis-open.org/wsfed/federation/v1.2/os/ws-federation-1.2-spec-os.html#_Toc223175002"
rel="nofollow">WS-Federation Passive Requestor Profile</a>. Fediz supports <a
shape="rect" class="external-link" href="http://en.wikipedia.org/wiki/Claims-based_identity"
rel="nofollow">Claims Based Access Control</a> beyond Role Based Access Control (RBAC).</p><h2
id="Fediz-News">News</h2><p>*November 9, 2013 - Apache CXF Fediz 1.1.0 re
 leased!</p><p>Apache CXF Fediz 1.1.0 has been released. For more information,
please go <a shape="rect" href="fediz-downloads.html">here</a>.</p><h2
id="Fediz-Features">Features</h2><p>The following features are supported by
Fediz 1.1</p><ul><li>WS-Federation 1.0/1.1/1.2</li><li>SAML
1.1/2.0 Tokens</li><li>Support for encrypted SAML Tokens (Release 1.1)</li><li>Support
for Holder-Of-Key SubjectConfirmationMethod (1.1)</li><li>Custom token Support</li><li>Publish
WS-Federation Metadata document</li><li>Role information encoded as AttributeStatement
in SAML 1.1/2.0 tokens</li><li>Claims information provided by FederationPrincipal
Interface</li><li>Support for Tomcat, Jetty, Websphere, Spring Security and CXF
(1.1)</li><li>Fediz IDP supports "Resource IDP" role as well (1.1)</li></ul><p>The
following features are planned for the next release:</p><ul><li>support
for other protocols like SAML-P, OAuth</li></ul><p>You can get the current
status of the enhancements <a shape="rect" class="e
 xternal-link" href="https://issues.apache.org/jira/browse/FEDIZ">here </a>.</p><h2
id="Fediz-Architecture">Architecture</h2><p>The Fediz architecture is described
in more detail <a shape="rect" href="fediz-architecture.html">here</a>.</p><h2
id="Fediz-Download">Download</h2><p>See <a shape="rect" href="fediz-downloads.html">here</a>.</p><h2
id="Fediz-Gettingstarted">Getting started</h2><p>The WS-Federation specification
defines the following parties involved during a web login:</p><ul><li>Browser</li><li>Identity
Provider (IDP)<br clear="none"> The IDP is a centralized, application independent runtime
component which implements the protocol defined by WS-Federation. You can use any open source
or commercial product that supports WS-Federation 1.1/1.2 as your IDP. It's recommended to
use the Fediz IDP for testing as it allows for testing your web application in a sandbox without
having all infrastructure components available. The Fediz IDP consists of two WAR components.
The Security
  Token Service (STS) does most of the work including user authentication, claims/role data
retrieval and creating the SAML token. The IDP WAR translates the response to an HTML response
allowing a browser to process it.</li><li>Relying Party (RP)<br clear="none">
The RP is a web application that needs to be protected. The RP must be able to implement the
protocol as defined by WS-Federation. This component is called "Fediz Plugin" in this project
which consists of container agnostic module/jar and a container specific jar. When an authenticated
request is detected by the plugin it redirects to the IDP for authentication. The browser
sends the response from the IDP to the RP after successful authentication. The RP validates
the response and creates the container security context.</li></ul><p>It's
recommended to deploy the IDP and the web application (RP) into different container instances
as in a production deployment. The container with the IDP can be used during development and
tes
 ting for multiple web applications needing security.</p><h3 id="Fediz-SettinguptheIDP">Setting
up the IDP</h3><p>The installation and configuration of the IDP is documented
<a shape="rect" href="fediz-idp-11.html">here</a></p><h3 id="Fediz-SetuptheRelyingPartyContainer">Set
up the Relying Party Container</h3><p>The Fediz plugin needs to be deployed into
the Relying Party (RP) container. The security mechanism is not specified by JEE. Even though
it is very similar in each servlet container there are some differences which require a dedicated
Fediz plugin for each servlet container implementation. Most of the configuration goes into
a Servlet container independent configuration file which is described <a shape="rect" href="fediz-configuration.html">here</a></p><p>The
following lists shows the supported containers and the location of the installation and configuration
page.</p><ul><li><a shape="rect" href="fediz-tomcat.html">Tomcat 7
</a></li><li><a shape="rect" href="fediz-jetty.html
 ">Jetty 7/8 (1.1)</a></li><li><a shape="rect" href="fediz-spring.html">Spring
Security 3.1 (1.1)</a></li><li><a shape="rect" href="fediz-websphere.html">Websphere
7/8 (1.1)</a></li><li><a shape="rect" href="fediz-cxf.html">CXF (1.1)
</a></li></ul><h2 id="Fediz-Samples">Samples</h2><p>The
examples directory contains two sample relying party applications. They are independent of
each other, so it is not necessary to deploy both at once.</p><p>Each sample is
described in a <code>README.txt</code> file located in the base directory of each
sample.</p><div class="table-wrap"><table class="confluenceTable"><tbody><tr><th
colspan="1" rowspan="1" class="confluenceTh"><p>Sample</p></th><th
colspan="1" rowspan="1" class="confluenceTh"><p>Description</p></th></tr><tr><td
colspan="1" rowspan="1" class="confluenceTd"><p><strong>simpleWebapp</strong></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p>a simple web application which is
protected by the Fediz IDP. The FederationServlet illu
 strates how to get security information using the standard APIs.</p></td></tr><tr><td
colspan="1" rowspan="1" class="confluenceTd"><p><strong>wsclientWebapp</strong></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p>a protected web application that
calls a web service that uses the Fediz STS to validate credentials. Here, the same STS is
used for token issuance (indirectly, by the web application through use of the Fediz IDP)
and validation. The FederationServlet illustrates how to securely call a web service.</p></td></tr></tbody></table></div><p><span
class="confluence-anchor-link" id="Fediz-building"></span></p><h2 id="Fediz-Building">Building</h2><p>Check
out the code from here:</p><ul><li>git<br clear="none"> git clone
-v <a shape="rect" class="external-link" href="https://git-wip-us.apache.org/repos/asf/cxf-fediz.git">https://git-wip-us.apache.org/repos/asf/cxf-fediz.git</a></li></ul><p>Then
follow the <a shape="rect" class="external-link" href="http://svn.apache.org
 /viewvc/cxf/fediz/trunk/BUILDING.txt?view=markup">BUILDING.txt</a> file in the Fediz
download for full build instructions.</p><h5 id="Fediz-SettingupEclipse:">Setting
up Eclipse:</h5><p>See <a shape="rect" href="http://cxf.apache.org/setting-up-eclipse.html">this
page</a> for information on using the Eclipse IDE with the Fediz source code. This page
is created for CXF but the same commands are applicable for Fediz too.</p></div>
+<div id="ConfluenceContent"><h1 id="Fediz-ApacheCXFFediz:AnOpen-SourceWebSecurityFramework">Apache
CXF Fediz: An Open-Source Web Security Framework</h1><h2 id="Fediz-Overview">Overview</h2><p>Apache
CXF Fediz is a subproject of CXF. Fediz helps you to secure your web applications and delegates
security enforcement to the underlying application server. With Fediz, authentication is externalized
from your web application to an identity provider installed as a dedicated server component.
The supported standard is <a shape="rect" class="external-link" href="http://docs.oasis-open.org/wsfed/federation/v1.2/os/ws-federation-1.2-spec-os.html#_Toc223175002"
rel="nofollow">WS-Federation Passive Requestor Profile</a>. Fediz supports <a
shape="rect" class="external-link" href="http://en.wikipedia.org/wiki/Claims-based_identity"
rel="nofollow">Claims Based Access Control</a> beyond Role Based Access Control (RBAC).</p><h2
id="Fediz-News">News</h2><p>*June 16, 2014 - Apache CXF Fediz 1.1.1 relea
 sed!</p><p>Apache CXF Fediz 1.1.1 has been released. For more information, please
go <a shape="rect" href="fediz-downloads.html">here</a>.</p><h2 id="Fediz-Features">Features</h2><p>The
following features are supported by Fediz 1.1</p><ul><li>WS-Federation 1.0/1.1/1.2</li><li>SAML
1.1/2.0 Tokens</li><li>Support for encrypted SAML Tokens (Release 1.1)</li><li>Support
for Holder-Of-Key SubjectConfirmationMethod (1.1)</li><li>Custom token Support</li><li>Publish
WS-Federation Metadata document</li><li>Role information encoded as AttributeStatement
in SAML 1.1/2.0 tokens</li><li>Claims information provided by FederationPrincipal
Interface</li><li>Support for Tomcat, Jetty, Websphere, Spring Security and CXF
(1.1)</li><li>Fediz IDP supports "Resource IDP" role as well (1.1)</li></ul><p>The
following features are planned for the next release:</p><ul><li>support
for other protocols like SAML-P, OAuth</li></ul><p>You can get the current
status of the enhancements <a shape="rect" class="exte
 rnal-link" href="https://issues.apache.org/jira/browse/FEDIZ">here </a>.</p><h2
id="Fediz-Architecture">Architecture</h2><p>The Fediz architecture is described
in more detail <a shape="rect" href="fediz-architecture.html">here</a>.</p><h2
id="Fediz-Download">Download</h2><p>See <a shape="rect" href="fediz-downloads.html">here</a>.</p><h2
id="Fediz-Gettingstarted">Getting started</h2><p>The WS-Federation specification
defines the following parties involved during a web login:</p><ul><li>Browser</li><li>Identity
Provider (IDP)<br clear="none"> The IDP is a centralized, application independent runtime
component which implements the protocol defined by WS-Federation. You can use any open source
or commercial product that supports WS-Federation 1.1/1.2 as your IDP. It's recommended to
use the Fediz IDP for testing as it allows for testing your web application in a sandbox without
having all infrastructure components available. The Fediz IDP consists of two WAR components.
The Security To
 ken Service (STS) does most of the work including user authentication, claims/role data retrieval
and creating the SAML token. The IDP WAR translates the response to an HTML response allowing
a browser to process it.</li><li>Relying Party (RP)<br clear="none"> The
RP is a web application that needs to be protected. The RP must be able to implement the protocol
as defined by WS-Federation. This component is called "Fediz Plugin" in this project which
consists of container agnostic module/jar and a container specific jar. When an authenticated
request is detected by the plugin it redirects to the IDP for authentication. The browser
sends the response from the IDP to the RP after successful authentication. The RP validates
the response and creates the container security context.</li></ul><p>It's
recommended to deploy the IDP and the web application (RP) into different container instances
as in a production deployment. The container with the IDP can be used during development and
testin
 g for multiple web applications needing security.</p><h3 id="Fediz-SettinguptheIDP">Setting
up the IDP</h3><p>The installation and configuration of the IDP is documented
<a shape="rect" href="fediz-idp-11.html">here</a></p><h3 id="Fediz-SetuptheRelyingPartyContainer">Set
up the Relying Party Container</h3><p>The Fediz plugin needs to be deployed into
the Relying Party (RP) container. The security mechanism is not specified by JEE. Even though
it is very similar in each servlet container there are some differences which require a dedicated
Fediz plugin for each servlet container implementation. Most of the configuration goes into
a Servlet container independent configuration file which is described <a shape="rect" href="fediz-configuration.html">here</a></p><p>The
following lists shows the supported containers and the location of the installation and configuration
page.</p><ul><li><a shape="rect" href="fediz-tomcat.html">Tomcat 7
</a></li><li><a shape="rect" href="fediz-jetty.html">J
 etty 7/8 (1.1)</a></li><li><a shape="rect" href="fediz-spring.html">Spring
Security 3.1 (1.1)</a></li><li><a shape="rect" href="fediz-websphere.html">Websphere
7/8 (1.1)</a></li><li><a shape="rect" href="fediz-cxf.html">CXF (1.1)
</a></li></ul><h2 id="Fediz-Samples">Samples</h2><p>The
examples directory contains two sample relying party applications. They are independent of
each other, so it is not necessary to deploy both at once.</p><p>Each sample is
described in a <code>README.txt</code> file located in the base directory of each
sample.</p><div class="table-wrap"><table class="confluenceTable"><tbody><tr><th
colspan="1" rowspan="1" class="confluenceTh"><p>Sample</p></th><th
colspan="1" rowspan="1" class="confluenceTh"><p>Description</p></th></tr><tr><td
colspan="1" rowspan="1" class="confluenceTd"><p><strong>simpleWebapp</strong></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p>a simple web application which is
protected by the Fediz IDP. The FederationServlet illustr
 ates how to get security information using the standard APIs.</p></td></tr><tr><td
colspan="1" rowspan="1" class="confluenceTd"><p><strong>wsclientWebapp</strong></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p>a protected web application that
calls a web service that uses the Fediz STS to validate credentials. Here, the same STS is
used for token issuance (indirectly, by the web application through use of the Fediz IDP)
and validation. The FederationServlet illustrates how to securely call a web service.</p></td></tr></tbody></table></div><p><span
class="confluence-anchor-link" id="Fediz-building"></span></p><h2 id="Fediz-Building">Building</h2><p>Check
out the code from here:</p><ul><li>git clone -v <a shape="rect" class="external-link"
href="https://git-wip-us.apache.org/repos/asf/cxf-fediz.git">https://git-wip-us.apache.org/repos/asf/cxf-fediz.git</a></li></ul><p>Then
follow the <a shape="rect" class="external-link" href="http://svn.apache.org/viewvc/cxf/fediz/trunk/
 BUILDING.txt?view=markup">BUILDING.txt</a> file in the Fediz download for full build
instructions.</p><h5 id="Fediz-SettingupEclipse:">Setting up Eclipse:</h5><p>See
<a shape="rect" href="http://cxf.apache.org/setting-up-eclipse.html">this page</a>
for information on using the Eclipse IDE with the Fediz source code. This page is created
for CXF but the same commands are applicable for Fediz too.</p></div>
            </div>
            <!-- Content -->
          </td>



Mime
View raw message