cxf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Thierry Beucher (JIRA)" <>
Subject [jira] [Commented] (FEDIZ-41) Fediz IDP refactored with Spring Web Flow
Date Fri, 18 Jan 2013 20:10:12 GMT


Thierry Beucher commented on FEDIZ-41:

Thank you, Colm, for your warning.

I have forked from to

Below is the brief summary of changes and enhancements compared to first draft patch delivery

*       Missing legal headers added
*       Compliance with Checkstyle and PMD rules
*       Useless SafeDispatcherServlet class removed
*       Major refactoring of 'federation-webflow.xml'
**           Chained protocol-oriented checks decision states have been merged in one
**           <transitions on-exception ... /> have been reviewed
*       The whole now runs with Fediz team existing integration tests (Jetty and Tomcat) for
BASIC authentication

This forked delivery contains also a starting point for "full" federation by supporting WS
Federation 'whr' query parameter :
*       which could be directly provided by the remote/requestor browser,
*       or selected by the remote user in local/resource IDP's 'signinform.jsp' (among available
partners realms registered : see 'IDPPartners.xml' file) if not provided.
On RP side, this feature requires a 'HomeRealmCallbackHandler' class (provided in this delivery)
configured in 'fediz_config.xml'  to intercept the 'whr' query parameter.

Of course, this delivery supersedes the previous attached patch.


> Fediz IDP refactored with Spring Web Flow
> -----------------------------------------
>                 Key: FEDIZ-41
>                 URL:
>             Project: CXF-Fediz
>          Issue Type: Improvement
>          Components: IDP
>            Reporter: Thierry Beucher
>              Labels: patch
>         Attachments:
> I completely refactored Fediz idp component basing on Spring WebFlow : it can be found
as attached fediz-idp-swf.patch.
> Basically the idea was to remove complex chain of filters implementing the idp flow,
drastically reducing the base code.
> Applying the patch, all filters are removed and the master logic is migrated to federation-webflow.xml.
> It implies main other changes :
> •	web.xml : referencing new idp servlet handling web-flow and mapped to /federation
relative URL,
> •	new idp-servlet.xml including web-flow configuration and specific idp beans configuration
(which sources can be found into org.apache.cxf.fediz.service.idp.beans package),
> •	various new and modified jsp views invoked as SWF view or end states in flow (signinform.jsp,
signinresponseform.jsp, signoutresponse.jsp, genericerror.jsp and blank.jsp)
> The patch supports the following features, as currently implemented in original fediz-idp
 1.1.0-SNAPSHOT release :
> •	Login 
> •	Logout
> •	Basic authentication and Form authentication (switch from one to the other has currently
to be set in federation-webflow.xml)
> The patch has been successfully tested with singleWebapp project and webapp & fedizservice
> Note: the only change required for Relying Parties webapps is located in fediz-config.xml
: the protocol issuer should no longer be 
>                     <issuer>https://localhost:9443/fedizidp/</issuer>
> but
>                     <issuer>https://localhost:9443/fedizidp/federation</issuer>

This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see:

View raw message