Repository: cxf-fediz Updated Branches: refs/heads/master 230bce9af -> 8fc324cb9
Fixing federation test Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/6e194ab1 Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/6e194ab1 Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/6e194ab1 Branch: refs/heads/master Commit: 6e194ab15ffff76015bdcae7fc8a0bc56737085a Parents: 230bce9 Author: Colm O hEigeartaigh <[email protected]> Authored: Thu Apr 9 12:12:30 2015 +0100 Committer: Colm O hEigeartaigh <[email protected]> Committed: Thu Apr 9 12:12:30 2015 +0100 ---------------------------------------------------------------------- .../idp/src/main/resources/entities-realmb.xml | 2 +- .../main/webapp/WEB-INF/idp-config-realmb.xml | 2 +- .../test/resources/realma/entities-realma.xml | 2 +- .../test/resources/realmb/entities-realmb.xml | 2 +- .../src/test/resources/realmb/idp-servlet.xml | 2 ++ .../test/resources/realmb/security-config.xml | 20 ++++++++++++++++---- 6 files changed, 22 insertions(+), 8 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/6e194ab1/services/idp/src/main/resources/entities-realmb.xml ---------------------------------------------------------------------- diff --git a/services/idp/src/main/resources/entities-realmb.xml b/services/idp/src/main/resources/entities-realmb.xml index be99344..3f17472 100644 --- a/services/idp/src/main/resources/entities-realmb.xml +++ b/services/idp/src/main/resources/entities-realmb.xml @@ -51,7 +51,7 @@ </property> <property name="authenticationURIs"> <util:map> - <entry key="default" value="/login/default" /> + <entry key="default" value="federation/up" /> </util:map> </property> <property name="serviceDisplayName" value="REALM B" /> http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/6e194ab1/services/idp/src/main/webapp/WEB-INF/idp-config-realmb.xml ---------------------------------------------------------------------- diff --git a/services/idp/src/main/webapp/WEB-INF/idp-config-realmb.xml b/services/idp/src/main/webapp/WEB-INF/idp-config-realmb.xml index a8c8a3b..830dc78 100644 --- a/services/idp/src/main/webapp/WEB-INF/idp-config-realmb.xml +++ b/services/idp/src/main/webapp/WEB-INF/idp-config-realmb.xml @@ -73,7 +73,7 @@ </property> <property name="authenticationURIs"> <util:map> - <entry key="default" value="/login/default" /> + <entry key="default" value="federation/up" /> </util:map> </property> <property name="serviceDisplayName" value="REALM B" /> http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/6e194ab1/systests/federation/wsfed/src/test/resources/realma/entities-realma.xml ---------------------------------------------------------------------- diff --git a/systests/federation/wsfed/src/test/resources/realma/entities-realma.xml b/systests/federation/wsfed/src/test/resources/realma/entities-realma.xml index 418c03a..a3e1a36 100644 --- a/systests/federation/wsfed/src/test/resources/realma/entities-realma.xml +++ b/systests/federation/wsfed/src/test/resources/realma/entities-realma.xml @@ -52,7 +52,7 @@ </property> <property name="authenticationURIs"> <util:map> - <entry key="default" value="/login/default" /> + <entry key="default" value="federation/up" /> </util:map> </property> <property name="serviceDisplayName" value="REALM A" /> http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/6e194ab1/systests/federation/wsfed/src/test/resources/realmb/entities-realmb.xml ---------------------------------------------------------------------- diff --git a/systests/federation/wsfed/src/test/resources/realmb/entities-realmb.xml b/systests/federation/wsfed/src/test/resources/realmb/entities-realmb.xml index 9e24cb2..fc203fb 100644 --- a/systests/federation/wsfed/src/test/resources/realmb/entities-realmb.xml +++ b/systests/federation/wsfed/src/test/resources/realmb/entities-realmb.xml @@ -51,7 +51,7 @@ </property> <property name="authenticationURIs"> <util:map> - <entry key="default" value="/login/default" /> + <entry key="default" value="federation/up" /> </util:map> </property> <property name="serviceDisplayName" value="REALM B" /> http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/6e194ab1/systests/federation/wsfed/src/test/resources/realmb/idp-servlet.xml ---------------------------------------------------------------------- diff --git a/systests/federation/wsfed/src/test/resources/realmb/idp-servlet.xml b/systests/federation/wsfed/src/test/resources/realmb/idp-servlet.xml index 2042e8e..489aa3a 100644 --- a/systests/federation/wsfed/src/test/resources/realmb/idp-servlet.xml +++ b/systests/federation/wsfed/src/test/resources/realmb/idp-servlet.xml @@ -75,6 +75,8 @@ flow-builder-services="builder"> <webflow:flow-location path="/WEB-INF/federation-validate-request.xml" id="federation" /> + <webflow:flow-location + path="/WEB-INF/federation-validate-request.xml" id="federation/up" /> <webflow:flow-location path="/WEB-INF/federation-signin-request.xml" id="signinRequest" /> <webflow:flow-location path="/WEB-INF/federation-signin-response.xml" http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/6e194ab1/systests/federation/wsfed/src/test/resources/realmb/security-config.xml ---------------------------------------------------------------------- diff --git a/systests/federation/wsfed/src/test/resources/realmb/security-config.xml b/systests/federation/wsfed/src/test/resources/realmb/security-config.xml index 7b5b522..7d869c3 100644 --- a/systests/federation/wsfed/src/test/resources/realmb/security-config.xml +++ b/systests/federation/wsfed/src/test/resources/realmb/security-config.xml @@ -66,13 +66,25 @@ <security:authentication-provider ref="stsAuthProvider" /> </security:authentication-manager> - <security:http use-expressions="true"> + <!-- Redirects to a dedicated http config --> + <bean id="federationEntryPoint" class="org.apache.cxf.fediz.service.idp.FederationEntryPoint"> + <property name="realm" value="urn:org:apache:cxf:fediz:idp:realm-B" /> + <property name="configService" ref="config" /> + </bean> + + <!-- Main entry point --> + <security:http pattern="/federation" use-expressions="true" entry-point-ref="federationEntryPoint"> + <security:custom-filter after="CHANNEL_FILTER" ref="stsPortFilter" /> + <security:custom-filter after="SERVLET_API_SUPPORT_FILTER" ref="entitlementsEnricher" /> + <security:intercept-url pattern="/FederationMetadata/2007-06/FederationMetadata.xml" access="isAnonymous() or isAuthenticated()" /> + </security:http> + + <!-- HTTP/BA entry point --> + <security:http pattern="/federation/up" use-expressions="true"> <security:custom-filter after="CHANNEL_FILTER" ref="stsPortFilter" /> <security:custom-filter after="SERVLET_API_SUPPORT_FILTER" ref="entitlementsEnricher" /> <security:intercept-url pattern="/FederationMetadata/2007-06/FederationMetadata.xml" access="isAnonymous() or isAuthenticated()" /> - <!-- MUST be http-basic thus systests run fine --> - <!--<security:form-login />--> <security:http-basic /> <security:logout delete-cookies="FEDIZ_HOME_REALM" invalidate-session="true" /> </security:http> @@ -85,7 +97,7 @@ <bean id="entitlementsEnricher" class="org.apache.cxf.fediz.service.idp.service.security.GrantedAuthorityEntitlements" /> - <bean id="stsAuthProvider" class="org.apache.cxf.fediz.service.idp.STSAuthenticationProvider"> + <bean id="stsAuthProvider" class="org.apache.cxf.fediz.service.idp.STSUPAuthenticationProvider"> <property name="wsdlLocation" value="https://localhost:0/fediz-idp-sts-realmb/${realm.STS_URI}/STSServiceTransportUT?wsdl"/> <property name="wsdlEndpoint" value="TransportUT_Port"/> <property name="wsdlService" value="SecurityTokenService"/>
