cxf-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Beucher Thierry <thierry.beuc...@atos.net>
Subject RE: Fediz IDP refactored
Date Mon, 07 Jan 2013 16:08:29 GMT
Hi,

As Juan Manuel Cabrera suggested, I completely refactored Fediz idp component basing on Spring
WebFlow : it can be found as attached fediz-idp-swf.patch.

Basically the idea was to remove complex chain of filters implementing the idp flow, drastically
reducing the base code.



Applying the patch, all filters are removed and the master logic is migrated to federation-webflow.xml.

It implies main other changes :

*         web.xml : referencing new idp servlet handling web-flow and mapped to /federation
relative URL,

*         new idp-servlet.xml including web-flow configuration and specific idp beans configuration
(which sources can be found into org.apache.cxf.fediz.service.idp.beans package),

*         various new and modified jsp views invoked as SWF view or end states in flow (signinform.jsp,
signinresponseform.jsp, signoutresponse.jsp, genericerror.jsp and blank.jsp)



The patch supports the following features, as currently implemented in original fediz-idp
 1.1.0-SNAPSHOT release :

*         Login

*         Logout

*         Basic authentication and Form authentication (switch from one to the other has currently
to be set in federation-webflow.xml)



The patch has been successfully tested with singleWebapp project and webapp & fedizservice
projects.


Note: the only change required for Relying Parties webapps is located in fediz-config.xml
: the protocol issuer should no longer be
                    <issuer>https://localhost:9443/fedizidp/</issuer<https://localhost:9443/fedizidp/%3c/issuer>>

but
                    <issuer>https://localhost:9443/fedizidp/federation</issuer<https://localhost:9443/fedizidp/federation%3c/issuer>>


All remarks will be welcomed...

Regards

________________________________

Ce message et les pi?ces jointes sont confidentiels et r?serv?s ? l'usage exclusif de ses
destinataires. Il peut ?galement ?tre prot?g? par le secret professionnel. Si vous recevez
ce message par erreur, merci d'en avertir imm?diatement l'exp?diteur et de le d?truire. L'int?grit?
du message ne pouvant ?tre assur?e sur Internet, la responsabilit? d'Atos ne pourra ?tre recherch?e
quant au contenu de ce message. Bien que les meilleurs efforts soient faits pour maintenir
cette transmission exempte de tout virus, l'exp?diteur ne donne aucune garantie ? cet ?gard
et sa responsabilit? ne saurait ?tre recherch?e pour tout dommage r?sultant d'un virus transmis.

This e-mail and the documents attached are confidential and intended solely for the addressee;
it may also be privileged. If you receive this e-mail in error, please notify the sender immediately
and destroy it. As its integrity cannot be secured on the Internet, the Atos liability cannot
be triggered for the message content. Although the sender endeavours to maintain a computer
virus-free network, the sender does not warrant that this transmission is virus-free and will
not be liable for any damages resulting from any virus transmitted.

Mime
  • Unnamed multipart/mixed (inline, None, 0 bytes)
View raw message