cxf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Thierry Beucher (JIRA)" <>
Subject [jira] [Commented] (FEDIZ-41) Fediz IDP refactored with Spring Web Flow
Date Tue, 26 Mar 2013 15:13:15 GMT


Thierry Beucher commented on FEDIZ-41:

I recently submitted a pull request from tbrgit:cxf-fediz-swf branch and titled "cxf-fediz
IDP on top of Spring Web Flow" that you can examine at

To summarize, this pull request just suggests changing the way to implement an IDP basing
on Spring Web Flow instead of filters chain as currently.
The goal is to improve readability and flexibility, notably reducing the IDP java code base.

Please note the features contained are less ambitious than described in my previous comment,
for visibility reasons. 

Actually, this pull request is, as requested by Fediz team, stricly scoped to existing features
in apache/cxf fediz trunk and then introduce no new feature (such authentication by form or
support of remote/requestor IDP).

> Fediz IDP refactored with Spring Web Flow
> -----------------------------------------
>                 Key: FEDIZ-41
>                 URL:
>             Project: CXF-Fediz
>          Issue Type: Improvement
>          Components: IDP
>            Reporter: Thierry Beucher
>              Labels: patch
>         Attachments:
> I completely refactored Fediz idp component basing on Spring WebFlow : it can be found
as attached fediz-idp-swf.patch.
> Basically the idea was to remove complex chain of filters implementing the idp flow,
drastically reducing the base code.
> Applying the patch, all filters are removed and the master logic is migrated to federation-webflow.xml.
> It implies main other changes :
> •	web.xml : referencing new idp servlet handling web-flow and mapped to /federation
relative URL,
> •	new idp-servlet.xml including web-flow configuration and specific idp beans configuration
(which sources can be found into org.apache.cxf.fediz.service.idp.beans package),
> •	various new and modified jsp views invoked as SWF view or end states in flow (signinform.jsp,
signinresponseform.jsp, signoutresponse.jsp, genericerror.jsp and blank.jsp)
> The patch supports the following features, as currently implemented in original fediz-idp
 1.1.0-SNAPSHOT release :
> •	Login 
> •	Logout
> •	Basic authentication and Form authentication (switch from one to the other has currently
to be set in federation-webflow.xml)
> The patch has been successfully tested with singleWebapp project and webapp & fedizservice
> Note: the only change required for Relying Parties webapps is located in fediz-config.xml
: the protocol issuer should no longer be 
>                     <issuer>https://localhost:9443/fedizidp/</issuer>
> but
>                     <issuer>https://localhost:9443/fedizidp/federation</issuer>

This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see:

View raw message