cxf-dev mailing list archives

From Oliver Wulff <owu...@talend.com>
Subject RE: Updated Fediz roadmap
Date Thu, 18 Oct 2012 18:02:29 GMT
Hi all

The following issues were fixed:
FEDIZ-17    Current Fediz STS exposes SOAP 1.1 end point
FEDIZ-18    Make supported claims configurable in FileClaimsHandler
FEDIZ-25    Look for fediz_config.xml in catalina base too
FEDIZ-20    Maintain authentication state (Prevents using the same Fediz IDP for different RPs)
FEDIZ-28    Logout capability in IDP

I'd like to prepare the release for 1.0.2 which is a significant improvement especially of
the idp/sts.

Then, I'd create a fixes branch for 1.0 and move trunk to 1.1.

Thoughts?



------

Oliver Wulff

Blog: http://owulff.blogspot.com
Solution Architect
http://coders.talend.com

Talend Application Integration Division http://www.talend.com

________________________________________
From: Oliver Wulff [owulff@talend.com]
Sent: 04 October 2012 21:59
To: dev@cxf.apache.org
Subject: Updated Fediz roadmap

Hi all

What do you think about the following roadmap?

Release 1.0.2   (include CXF STS 2.6.3)

FEDIZ-17    Current Fediz STS exposes SOAP 1.1 end point
FEDIZ-18    Make supported claims configurable in FileClaimsHandler
FEDIZ-25    Look for fediz_config.xml in catalina base too
FEDIZ-20    Maintain authentication state (Prevents using the same Fediz IDP for different RPs)
FEDIZ-27    Signout in RP (only support processing signout requests, don't support redirect signout to IDP)
FEDIZ-28    Logout capability in IDP


Release 1.1 (planned release end of year)
---------------

FEDIZ-5    Support Jetty container (will then support TESB with WAR deployment)

FEDIZ-9 CXF Plugin
- add jaxrs interceptor which adapts fediz-core to support WS-Federation for JAX-RS
- add FederationFilter, SecurityTokenThreadLocal, ThreadLocalCallbackHandler from examples

FEDIZ-2    Support encrypted tokens
    Support encrypted tokens
    "Initial redesign of IDP...
 custom functionality can be plugged in as ServletFilters (small state machine in IDP)
 configuration design (configs per wtrealm, url to metadata or everything local, not all information
can be retrieved from metadata document)"

FEDIZ-23    Support different authentication mechanism

FEDIZ-15    Support that IDP publishes Metadata document (which covers SAML-P as well)

FEDIZ-16    Instead of configuring required claims per wtrealm in RPClaims.xml, configure the metadata url

FEDIZ-19    IDP must provide a webpage where the user can click logout (login if requested explicitly)
All signed in apps must be cached
After signout click, IDP returns html page which downloads a resource from each RP

    Support for wfresh (reauthenticate)
    Pseudonym Service support


Release 1.2 (planned release Q1 of 2013)
---------------

FEDIZ-3    "Support RP-IDP/STS
add basic home realm discovery service (whr provided by RP), default RP and maybe dependent
on source ip, http header, query parameter (expression language)"

FEDIZ-4    Support for HOK

FEDIZ-7    Support for SAML-P


Looking forward to your feedback, ideas and as always welcome - patches ;-)

Thanks
Oli




------

Oliver Wulff

Blog: http://owulff.blogspot.com
Solution Architect
http://coders.talend.com

Talend Application Integration Division http://www.talend.com