cxf-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Beucher Thierry <thierry.beuc...@atos.net>
Subject Fediz IDP webflow
Date Tue, 23 Jul 2013 13:20:38 GMT
Hi,

I just contributed to https://issues.apache.org/jira/browse/FEDIZ-3 by adding a new patch
that supersedes the one provided by Oliver Wulff.
Based on the background code and the configuration provided by O.Wulff, integrating them,
this patch offers a new version of webflow supporting delegated authentication :
When a user accesses a resource on some RP protected by an IDP which does not make its authentication
but which is able to establish a relationship of trust with the IDP where the user is affiliated,
the resource IDP may propose to the user to specify the requestor IDP (user's "home realm")
to which delegate the authentication phase (if it cannot be determined by others means).
Once the requestor IDP proceeded to authentication, it return the requested security token
to the resource IDP (acting here as a RP), in such way this one can, in turn, issue another
requested security token to RP.
Resource and requestor IDPs are both configured with the same common webflow.

________________________________

Ce message et les pi?ces jointes sont confidentiels et r?serv?s ? l'usage exclusif de ses
destinataires. Il peut ?galement ?tre prot?g? par le secret professionnel. Si vous recevez
ce message par erreur, merci d'en avertir imm?diatement l'exp?diteur et de le d?truire. L'int?grit?
du message ne pouvant ?tre assur?e sur Internet, la responsabilit? d'Atos ne pourra ?tre recherch?e
quant au contenu de ce message. Bien que les meilleurs efforts soient faits pour maintenir
cette transmission exempte de tout virus, l'exp?diteur ne donne aucune garantie ? cet ?gard
et sa responsabilit? ne saurait ?tre recherch?e pour tout dommage r?sultant d'un virus transmis.

This e-mail and the documents attached are confidential and intended solely for the addressee;
it may also be privileged. If you receive this e-mail in error, please notify the sender immediately
and destroy it. As its integrity cannot be secured on the Internet, the Atos liability cannot
be triggered for the message content. Although the sender endeavours to maintain a computer
virus-free network, the sender does not warrant that this transmission is virus-free and will
not be liable for any damages resulting from any virus transmitted.

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message