cxf-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Beucher Thierry <thierry.beuc...@atos.net>
Subject RE: Fediz IDP refactored
Date Fri, 18 Jan 2013 16:29:21 GMT
Hi all,

Thanks for your remarks.

As Dan suggested, I have forked from https://github.com/apache/cxf-fediz to https://github.com/tbrgit/cxf-fediz
last night (then after Colm commit # ef9a0fe5b8fecea18cce0eec3f2116e4aa51663f)

Below is the brief summary of changes and enhancements compared to first draft patch delivery
:

*       Missing legal headers added
*       Compliance with Checkstyle and PMD rules
*       Useless SafeDispatcherServlet class Oliver pointed me out removed
*       Major refactoring of federation-webflow.xml
*       Chained protocol-oriented checks decision states have been merged in one
*       <transitions on-exception ... /> have been reviewed
*       The whole now runs with integration tests (Jetty and Tomcat) for BASIC authentication
*       with refactoring of systests-jetty8 pom.xml --> maven-dependency-plugin 'unpack'
goal instead of 'copy'  to be compliant with  systests-tomcat7
*       with minor changes to systests-jetty8 jetty/idp-server.xml and jetty/rp-server.xml
 --> to be equivalent to systests-tomcat7 target structure
*       bug related to http return code 500 which should be 401 is fixed on my side (@Ignore
uncommented)
*       Note: I plan to add corresponding integration tests for FORM authentication

More, as "a cherry on the cake", this forked delivery contains a starting point for "full"
federation by supporting WS Federation 'whr' query parameter :
*       which could be directly provided by the remote/requestor browser,
*       or selected by the remote user in local/resource IDP's 'signinform.jsp' (among available
partners realms registered : see 'IDPPartners.xml' file) if not provided.
On RP side, this feature requires a 'HomeRealmCallbackHandler' class (provided in this delivery)
configured in 'fediz_config.xml'  to intercept the 'whr' query parameter.
It works on my side but currently I have not added dedicated integration tests.

Have all a good WE !

-----Message d'origine-----
De : Daniel Kulp [mailto:dkulp@apache.org]
Envoyé : lundi 14 janvier 2013 21:48
À : dev@cxf.apache.org; Oliver Wulff
Objet : Re: Fediz IDP refactored



On Jan 14, 2013, at 3:41 PM, Oliver Wulff <owulff@talend.com<mailto:owulff@talend.com>>
wrote:

> Hi there
>
> I had a look into it and it looks to be a really good starting point. As you wrote, it
is not yet complete.
>
> But there is still a lot of stuff to do. Due to the fact that you and maybe some others
will have to commit updates to it it might be easier to have a mirror a github thus you can
commit as well. When it is close to be complete I can merge it into the idp project at apache.

Yep.   All that CXF projects have git mirrors at Github already:
https://github.com/apache/cxf-fediz

that you can fork from.   Also, if you issue a "pull request", the notice should get sent
right to this list at which point we can review and pull if appropriate.

Dan



> Could you add the missing licensing header? Make the modifications to the idp project
itself thus the maven checkstyle are validated as there are some formatting issues. Not sure
about SafeDispatcherServlet as it looks to be from CAS.
>
> What do you think?
>
> I would also like to incorporate spring-security into it thus we can leverage the existing
authentication mechanisms provided by it. But one step after the other.
>
> Thanks
> Oli
>
>
> ------
>
> Oliver Wulff
>
> Blog: http://owulff.blogspot.com
> Solution Architect
> http://coders.talend.com
>
> Talend Application Integration Division http://www.talend.com
>
> ________________________________________
> From: Oliver Wulff [owulff@talend.com]
> Sent: 08 January 2013 20:20
> To: dev@cxf.apache.org<mailto:dev@cxf.apache.org>
> Subject: RE: Fediz IDP refactored
>
> Thanks Thierry. I'll look into this asap.
>
> Oli
>
> ------
>
> Oliver Wulff
>
> Blog: http://owulff.blogspot.com
> Solution Architect
> http://coders.talend.com
>
> Talend Application Integration Division http://www.talend.com
>
> ________________________________________
> From: Beucher Thierry [thierry.beucher@atos.net]
> Sent: 08 January 2013 17:52
> To: dev@cxf.apache.org<mailto:dev@cxf.apache.org>
> Subject: RE: Fediz IDP refactored
>
> A new post about 'Fediz IDP refactored with Spring Web Flow' has been added to Fediz
JIRA repository.
> at https://issues.apache.org/jira/browse/FEDIZ-41
>
>
>
> Ce message et les pièces jointes sont confidentiels et réservés à l'usage exclusif
de ses destinataires. Il peut également être protégé par le secret professionnel. Si vous
recevez ce message par erreur, merci d'en avertir immédiatement l'expéditeur et de le détruire.
L'intégrité du message ne pouvant être assurée sur Internet, la responsabilité d'Atos
ne pourra être recherchée quant au contenu de ce message. Bien que les meilleurs efforts
soient faits pour maintenir cette transmission exempte de tout virus, l'expéditeur ne donne
aucune garantie à cet égard et sa responsabilité ne saurait être recherchée pour tout
dommage résultant d'un virus transmis.
>
> This e-mail and the documents attached are confidential and intended solely for the addressee;
it may also be privileged. If you receive this e-mail in error, please notify the sender immediately
and destroy it. As its integrity cannot be secured on the Internet, the Atos liability cannot
be triggered for the message content. Although the sender endeavours to maintain a computer
virus-free network, the sender does not warrant that this transmission is virus-free and will
not be liable for any damages resulting from any virus transmitted.

--
Daniel Kulp
dkulp@apache.org<mailto:dkulp@apache.org> - http://dankulp.com/blog Talend Community
Coder - http://coders.talend.com



  ________________________________

Ce message et les pièces jointes sont confidentiels et réservés à l'usage exclusif de
ses destinataires. Il peut également être protégé par le secret professionnel. Si vous
recevez ce message par erreur, merci d'en avertir immédiatement l'expéditeur et de le détruire.
L'intégrité du message ne pouvant être assurée sur Internet, la responsabilité d'Atos
ne pourra être recherchée quant au contenu de ce message. Bien que les meilleurs efforts
soient faits pour maintenir cette transmission exempte de tout virus, l'expéditeur ne donne
aucune garantie à cet égard et sa responsabilité ne saurait être recherchée pour tout
dommage résultant d'un virus transmis.

This e-mail and the documents attached are confidential and intended solely for the addressee;
it may also be privileged. If you receive this e-mail in error, please notify the sender immediately
and destroy it. As its integrity cannot be secured on the Internet, the Atos liability cannot
be triggered for the message content. Although the sender endeavours to maintain a computer
virus-free network, the sender does not warrant that this transmission is virus-free and will
not be liable for any damages resulting from any virus transmitted.

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message