Author: buildbot
Date: Thu Aug 16 09:59:40 2018
New Revision: 1034029
Log:
Production update by buildbot for cxf
Modified:
websites/production/cxf/content/cache/main.pageCache
websites/production/cxf/content/fediz-spring.html
websites/production/cxf/content/fediz.html
Modified: websites/production/cxf/content/cache/main.pageCache
==============================================================================
Binary files - no diff available.
Modified: websites/production/cxf/content/fediz-spring.html
==============================================================================
--- websites/production/cxf/content/fediz-spring.html (original)
+++ websites/production/cxf/content/fediz-spring.html Thu Aug 16 09:59:40 2018
@@ -110,40 +110,8 @@ Apache CXF -- Fediz Spring
<td height="100%">
<!-- Content -->
<div class="wiki-content">
-<div id="ConfluenceContent"><h1
id="FedizSpring-SpringSecurity3.1Plugin(1.1)">Spring Security 3.1 Plugin
(1.1)</h1>
-
-<p>This page describes how to enable Federation for a <a shape="rect"
class="external-link"
href="http://static.springsource.org/spring-security/site/docs/3.1.x/reference/springsecurity.html";
rel="nofollow">Spring Security</a> based Web Application. Spring Security
provides more authorization capabilities than defined in the Java Servlet
specification. Beyond authorizing web requests Spring Security supports
authorizing whether methods can be invoked and authorizing access to individual
domain object instances.</p>
-
-<p>Spring Security supports two deployment options. On the one hand,
authentication and authorization is enforced by the underlying Servlet
Container or on the other hand by Spring Security embedded with the
application. The former ensures that the application is only called if
authentication is successful. This can be controlled by an
administrator/operator. This option is called <a shape="rect"
class="external-link"
href="http://static.springsource.org/spring-security/site/docs/3.1.x/reference/preauth.html";
rel="nofollow">Pre-Authentication</a>. The latter gives all the control to the
application developer and removes the dependency to security configuration in
the Servlet Container. This simplifies deploying an application into different
Serlvet Container environments.</p>
-
-<p>Both options are valid and it mainly depends on the policies/requirements
within a company which is a better fit. Questions to be answered are: Who
should manage the security enforcement (Application developer, Administrator)?
Do you have to deploy the application into different Servlet Container
environments?</p>
-
-<p>Prior to doing this configuration, make sure you've first deployed the
Fediz IDP and STS on the Tomcat IDP instance as discussed <a shape="rect"
href="fediz-idp.html">here</a>, and can view the STS WSDL at the URL given on
that page.</p>
-
-<h3 id="FedizSpring-Installation">Installation</h3>
-
-<p>You can either build the Fediz plugin on your own, download the package <a
shape="rect" href="fediz-downloads.html">here</a> or add the dependency to your
Maven project. If you have built the plugin on your own you'll find the
required libraries in
<code>plugins/spring/target/...zip-with-dependencies.zip</code></p>
-
-<p>It's recommended to use Maven to resolve all the dependencies as
illustrated in the two examples <em>springWebapp</em> and
<em>springPreAuthWebapp</em>. Each example contains a README with instructions
for building and deployment.</p>
-
-<h3 id="FedizSpring-WebApplicationwithPre-AuthenticationSpringSecurity">Web
Application with Pre-Authentication Spring Security</h3>
-
-<p>The role of the Fediz Spring plugin in the case of Servlet Container
managed security is to adapt the security context of the Servlet Container to
the Spring Security Context. This allows to configure authorization for web
requests and method calls based on Spring Security.</p>
-
-<p>This deployment option requires to configure Fediz into the Servlet
Container which is described here:</p>
-<ul><li><a shape="rect" href="fediz-tomcat.html">Tomcat</a></li><li><a
shape="rect" href="fediz-jetty.html">Jetty</a></li></ul>
-
-
-<h5 id="FedizSpring-FedizPluginconfigurationforYourWebApplication">Fediz
Plugin configuration for Your Web Application</h5>
-
-<p>The Fediz related configuration is done in a Servlet Container independent
configuration file which is described <a shape="rect"
href="fediz-configuration.html">here</a>.</p>
-
-<h5 id="FedizSpring-SpringSecurityConfiguration">Spring Security
Configuration</h5>
-
-<p>The following configuration snippets illustrate the Fediz related
configuration. The complete configuration file can be found in the example
<em>springPreAuthWebapp</em>.</p>
-
-<div class="code panel pdl" style="border-style: solid;border-width:
1px;"><div class="codeHeader panelHeader pdl" style="border-bottom-width:
1px;border-bottom-style:
solid;"><b>applicationContext-security.xml</b></div><div class="codeContent
panelContent pdl">
-<pre class="brush: java; gutter: false; theme: Default"
style="font-size:12px;">
+<div id="ConfluenceContent"><h1 id="FedizSpring-SpringSecurityPlugin">Spring
Security Plugin</h1><p>Apache CXF Fediz ships three different plugins for
Spring Security - supporting Spring Security 2, 3 and 4.</p><p>This page
describes how to enable Federation for a <a shape="rect" class="external-link"
href="https://docs.spring.io/spring-security/site/docs/4.2.x/reference/html/";
rel="nofollow">Spring Security</a> based Web Application. Spring Security
provides more authorization capabilities than defined in the Java Servlet
specification. Beyond authorizing web requests Spring Security supports
authorizing whether methods can be invoked and authorizing access to individual
domain object instances.</p><p>Spring Security supports two deployment options.
On the one hand, authentication and authorization is enforced by the underlying
Servlet Container or on the other hand by Spring Security embedded with the
application. The former ensures that the application is only called if authentic
ation is successful. This can be controlled by an administrator/operator. This
option is called <a shape="rect" class="external-link"
href="https://docs.spring.io/spring-security/site/docs/4.2.x/reference/html/preauth.html";
rel="nofollow">Pre-Authentication</a>. The latter gives all the control to the
application developer and removes the dependency to security configuration in
the Servlet Container. This simplifies deploying an application into different
Serlvet Container environments.</p><p>Both options are valid and it mainly
depends on the policies/requirements within a company which is a better fit.
Questions to be answered are: Who should manage the security enforcement
(Application developer, Administrator)? Do you have to deploy the application
into different Servlet Container environments?</p><p>Prior to doing this
configuration, make sure you've first deployed the Fediz IDP and STS on the
Tomcat IDP instance as discussed <a shape="rect"
href="fediz-idp-10.html">here</a>, a
nd can view the STS WSDL at the URL given on that page.</p><h3
id="FedizSpring-Installation">Installation</h3><p>You can either build the
Fediz plugin on your own, download the package <a shape="rect"
href="fediz-downloads.html">here</a> or add the dependency to your Maven
project. If you have built the plugin on your own you'll find the required
libraries in
<code>plugins/spring/target/...zip-with-dependencies.zip</code></p><p>It's
recommended to use Maven to resolve all the dependencies as illustrated in the
two examples <em>springWebapp</em> and <em>springPreAuthWebapp</em>. Each
example contains a README with instructions for building and deployment.</p><h3
id="FedizSpring-WebApplicationwithPre-AuthenticationSpringSecurity">Web
Application with Pre-Authentication Spring Security</h3><p>The role of the
Fediz Spring plugin in the case of Servlet Container managed security is to
adapt the security context of the Servlet Container to the Spring Security
Context. This allows to confi
gure authorization for web requests and method calls based on Spring
Security.</p><p>This deployment option requires to configure Fediz into the
Servlet Container which is described here:</p><ul><li><a shape="rect"
href="fediz-tomcat.html">Tomcat</a></li><li><a shape="rect"
href="fediz-jetty.html">Jetty</a></li></ul><h5
id="FedizSpring-FedizPluginconfigurationforYourWebApplication">Fediz Plugin
configuration for Your Web Application</h5><p>The Fediz related configuration
is done in a Servlet Container independent configuration file which is
described <a shape="rect" href="fediz-configuration.html">here</a>.</p><h5
id="FedizSpring-SpringSecurityConfiguration">Spring Security
Configuration</h5><p>The following configuration snippets illustrate the Fediz
related configuration. The complete configuration file can be found in the
example <em>springPreAuthWebapp</em>.</p><div class="code panel pdl"
style="border-style: solid;border-width: 1px;"><div class="codeHeader
panelHeader pdl" styl
e="border-bottom-width: 1px;border-bottom-style:
solid;"><b>applicationContext-security.xml</b></div><div class="codeContent
panelContent pdl">
+<pre class="brush: java; gutter: false; theme: Default">
<bean id="preAuthenticatedUserDetailsService"
class="org.apache.cxf.fediz.spring.preauth.PreAuthenticatedGrantedAuthoritiesUserDetailsFederationService"/>
@@ -177,34 +145,12 @@ Apache CXF -- Fediz Spring
</property>
</bean>
</pre>
-</div></div>
-
-<p>The beans <em>preAuthenticatedUserDetailsService</em> and
<em>j2eePreAuthFilter</em> are required to provide the Fediz related security
information (claims, login token) to the Spring Security Context. The bean
<em>fsi</em> defines the authorization for the web requests which looks similar
to security constraints definition in <code>web.xml</code>.</p>
-
-<p>The following code snippet of the FederationServlet example illustrates how
to get access to the Spring Security Context of the current user.</p>
-
-<div class="code panel pdl" style="border-style: solid;border-width:
1px;"><div class="codeHeader panelHeader pdl" style="border-bottom-width:
1px;border-bottom-style: solid;"><b>FederationServlet.java</b></div><div
class="codeContent panelContent pdl">
-<pre class="brush: java; gutter: false; theme: Default"
style="font-size:12px;">
+</div></div><p>The beans <em>preAuthenticatedUserDetailsService</em> and
<em>j2eePreAuthFilter</em> are required to provide the Fediz related security
information (claims, login token) to the Spring Security Context. The bean
<em>fsi</em> defines the authorization for the web requests which looks similar
to security constraints definition in <code>web.xml</code>.</p><p>The following
code snippet of the FederationServlet example illustrates how to get access to
the Spring Security Context of the current user.</p><div class="code panel pdl"
style="border-style: solid;border-width: 1px;"><div class="codeHeader
panelHeader pdl" style="border-bottom-width: 1px;border-bottom-style:
solid;"><b>FederationServlet.java</b></div><div class="codeContent panelContent
pdl">
+<pre class="brush: java; gutter: false; theme: Default">
Authentication obj =
SecurityContextHolder.getContext().getAuthentication();
</pre>
-</div></div>
-
-<p>The <code>Authentication</code> object can be casted to the
<code>FederationAuthentiationToken</code> which provides access to Claims,
login token, etc.</p>
-
-<h3 id="FedizSpring-WebApplicationwith"native"SpringSecurity">Web
Application with "native" Spring Security</h3>
-
-<p>In this case, authentication and authorization are managed by Spring
Security only. The Fediz Spring Plugin provides the implementation of
WS-Federation by implementing certain Spring Security interfaces. Finally, this
results into the creation of the Spring Security Context. You can use Spring's
authorization capabilities for web requests and method calls. The example
<em>springWebapp</em> only illustrates authorizing web requests. Method based
authorization is described <a shape="rect" class="external-link"
href="http://static.springsource.org/spring-security/site/docs/3.1.x/reference/ns-config.html#ns-method-security";
rel="nofollow">here</a>.</p>
-
-<h5 id="FedizSpring-FedizPluginconfigurationforYourWebApplication.1">Fediz
Plugin configuration for Your Web Application</h5>
-
-<p>The Fediz related configuration is done in a Servlet Container independent
configuration file which is described <a shape="rect"
href="fediz-configuration.html">here</a>.</p>
-
-<h5 id="FedizSpring-SpringSecurityConfiguration.1">Spring Security
Configuration</h5>
-
-<p>The following configuration snippets illustrate the Fediz related
configuration. The complete configuration file can be found in the example
<em>springWebapp</em>.</p>
-
-<div class="code panel pdl" style="border-style: solid;border-width:
1px;"><div class="codeHeader panelHeader pdl" style="border-bottom-width:
1px;border-bottom-style:
solid;"><b>applicationContext-security.xml</b></div><div class="codeContent
panelContent pdl">
-<pre class="brush: java; gutter: false; theme: Default"
style="font-size:12px;">
+</div></div><p>The <code>Authentication</code> object can be casted to the
<code>FederationAuthentiationToken</code> which provides access to Claims,
login token, etc.</p><h3
id="FedizSpring-WebApplicationwith"native"SpringSecurity">Web
Application with "native" Spring Security</h3><p>In this case, authentication
and authorization are managed by Spring Security only. The Fediz Spring Plugin
provides the implementation of WS-Federation by implementing certain Spring
Security interfaces. Finally, this results into the creation of the Spring
Security Context. You can use Spring's authorization capabilities for web
requests and method calls. The example <em>springWebapp</em> only illustrates
authorizing web requests. Method based authorization is described <a
shape="rect" class="external-link"
href="http://static.springsource.org/spring-security/site/docs/3.1.x/reference/ns-config.html#ns-method-security";
rel="nofollow">here</a>.</p><h5 id="FedizSpring-FedizPluginconfiguration
forYourWebApplication.1">Fediz Plugin configuration for Your Web
Application</h5><p>The Fediz related configuration is done in a Servlet
Container independent configuration file which is described <a shape="rect"
href="fediz-configuration.html">here</a>.</p><h5
id="FedizSpring-SpringSecurityConfiguration.1">Spring Security
Configuration</h5><p>The following configuration snippets illustrate the Fediz
related configuration. The complete configuration file can be found in the
example <em>springWebapp</em>.</p><div class="code panel pdl"
style="border-style: solid;border-width: 1px;"><div class="codeHeader
panelHeader pdl" style="border-bottom-width: 1px;border-bottom-style:
solid;"><b>applicationContext-security.xml</b></div><div class="codeContent
panelContent pdl">
+<pre class="brush: java; gutter: false; theme: Default">
<sec:http entry-point-ref="federationEntryPoint"
use-expressions="true">
<sec:intercept-url pattern="/" access="permitAll"/>
<sec:intercept-url pattern="/fediz" access="permitAll"/>
@@ -243,14 +189,8 @@ Apache CXF -- Fediz Spring
</property>
</bean>
</pre>
-</div></div>
-
-<p>The <em>http</em> element is the key element which depends on the other
bean definitions like <em>federationFilter</em> and the
<em>federationAuthProvider</em>. Web request authorizing is configured in the
<em>http</em> element as well which looks similar to security constraints
definition in <code>web.xml</code>.</p>
-
-<p>The following code snippet of the FederationServlet example illustrates how
to get access to the Spring Security Context of the current user and to the
Federation releated information like claims and login token.</p>
-
-<div class="code panel pdl" style="border-style: solid;border-width:
1px;"><div class="codeHeader panelHeader pdl" style="border-bottom-width:
1px;border-bottom-style: solid;"><b>FederationServlet.java</b></div><div
class="codeContent panelContent pdl">
-<pre class="brush: java; gutter: false; theme: Default"
style="font-size:12px;">
+</div></div><p>The <em>http</em> element is the key element which depends on
the other bean definitions like <em>federationFilter</em> and the
<em>federationAuthProvider</em>. Web request authorizing is configured in the
<em>http</em> element as well which looks similar to security constraints
definition in <code>web.xml</code>.</p><p>The following code snippet of the
FederationServlet example illustrates how to get access to the Spring Security
Context of the current user and to the Federation releated information like
claims and login token.</p><div class="code panel pdl" style="border-style:
solid;border-width: 1px;"><div class="codeHeader panelHeader pdl"
style="border-bottom-width: 1px;border-bottom-style:
solid;"><b>FederationServlet.java</b></div><div class="codeContent panelContent
pdl">
+<pre class="brush: java; gutter: false; theme: Default">
Authentication obj =
SecurityContextHolder.getContext().getAuthentication();
FederationAuthenticationToken fedAuthToken =
(FederationAuthenticationToken)auth;
for (GrantedAuthority item : fedAuthToken.getAuthorities()) {
@@ -262,14 +202,7 @@ Apache CXF -- Fediz Spring
...
}
</pre>
-</div></div>
-
-
-<h3 id="FedizSpring-FederationMetadatadocument">Federation Metadata
document</h3>
-
-<p>The Spring Security Fediz plugin supports publishing the WS-Federation
Metadata document which is described <a shape="rect"
href="fediz-metadata.html">here</a>.</p>
-
-</div>
+</div></div><h3 id="FedizSpring-FederationMetadatadocument">Federation
Metadata document</h3><p>The Spring Security Fediz plugin supports publishing
the WS-Federation Metadata document which is described <a shape="rect"
href="fediz-metadata.html">here</a>.</p></div>
</div>
<!-- Content -->
</td>
Modified: websites/production/cxf/content/fediz.html
==============================================================================
--- websites/production/cxf/content/fediz.html (original)
+++ websites/production/cxf/content/fediz.html Thu Aug 16 09:59:40 2018
@@ -99,7 +99,7 @@ Apache CXF -- Fediz
<td height="100%">
<!-- Content -->
<div class="wiki-content">
-<div id="ConfluenceContent"><h1
id="Fediz-ApacheCXFFediz:AnOpen-SourceWebSecurityFramework">Apache CXF Fediz:
An Open-Source Web Security Framework</h1><h2
id="Fediz-Overview">Overview</h2><p>Apache CXF Fediz is a subproject of CXF.
Fediz helps you to secure your web applications and delegates security
enforcement to the underlying application server. With Fediz, authentication is
externalized from your web application to an identity provider installed as a
dedicated server component. Apache CXF Fediz supports both <a shape="rect"
class="external-link"
href="http://docs.oasis-open.org/wsfed/federation/v1.2/os/ws-federation-1.2-spec-os.html#_Toc223175002";
rel="nofollow">WS-Federation Passive Requestor Profile</a> and the <a
shape="rect" class="external-link"
href="https://docs.oasis-open.org/security/saml/v2.0/saml-profiles-2.0-os.pdf";
rel="nofollow">SAML Web Browser SSO Profile</a>. Fediz supports <a shape="rect"
class="external-link" href="http://en.wikipedia.org/wiki/Claims-based_
identity" rel="nofollow">Claims Based Access Control</a> beyond Role Based
Access Control (RBAC).</p><h2
id="Fediz-News">News</h2><p><strong><strong><strong><strong>June 29, 2018 -
<strong><strong>Apache CXF Fediz 1.4.4</strong></strong>
released</strong></strong></strong></strong></p><p>Apache CXF Fediz 1.4.4 has
been released. A new security advisory has been released for an issue that was
fixed in this release:</p><ul><li><a shape="rect"
href="http://cxf.apache.org/security-advisories.data/CVE-2018-8038.txt.asc";>CVE-2018-8038</a>:
Apache CXF Fediz is vulnerable to DTD based XML
attacks.</li></ul><p><strong><strong><strong><strong>November 30, 2017 -
<strong><strong>Apache CXF Fediz 1.4.</strong></strong>3 and 1.3.3
released</strong></strong></strong></strong></p><p>Apache CXF Fediz 1.4.3 and
1.3.3 have been released. A new security advisory has been released for an
issue that was fixed in these releases:</p><ul><li><a shape="rect"
href="http://cxf.apache.org/security-advisories.d
ata/CVE-2017-12631.txt.asc">CVE-2017-12631</a>: CSRF vulnerabilities in
the Apache CXF Fediz Spring plugins.</li></ul><h2
id="Fediz-Download">Download</h2><p>See <a shape="rect"
href="fediz-downloads.html">here</a>.</p><h2 id="Fediz-ProjectSource">Project
Source</h2><p>The Apache CXF Fediz sources are hosted at <a shape="rect"
class="external-link" href="https://gitbox.apache.org/";>Apache gitbox</a>. This
includes a full two way sync with github. As github provides the nicer user
interface we now recommend to directly work on the github cxf
repo.</p><ul><li>Web Browsing: <a shape="rect" class="external-link"
href="https://github.com/apache/cxf-fediz";
rel="nofollow">https://github.com/apache/cxf-fediz</a></li><li>Checking out
from GIT: git clone g...@github.com:apache/cxf-fediz.git</li></ul><p>CXF
committers can directly commit to github after doing the <a shape="rect"
class="external-link"
href="https://gitbox.apache.org/setup/";>Apache gitbox setup</a>. Be aware t
hat the sync might take half an hour before you are added to the CXF github
group.</p><ul><li>Forking and Pull Requests: See <a shape="rect"
href="getting-involved.html">Getting Involved</a></li><li>Building the Source:
Follow the <a shape="rect" class="external-link"
href="https://github.com/apache/cxf-fediz/blob/master/BUILDING.txt";
rel="nofollow">BUILDING.txt</a> file in the Fediz download for full build
instructions.</li><li>Eclipse: See <a shape="rect"
href="http://cxf.apache.org/setting-up-eclipse.html";>this page</a> for
information on using the Eclipse IDE with the Fediz source code. This page is
created for CXF but the same commands are applicable for Fediz
too.</li></ul><h2 id="Fediz-ApacheCXFFedizuserguide">Apache CXF Fediz user
guide</h2><ul><li><a shape="rect"
href="fediz-introduction.html">Introduction</a></li><li><a shape="rect"
href="fediz-architecture.html">Fediz Architecture</a></li><li>Relying Party
Containers<br clear="none"><ul><li><a shape="rect" href="fedi
z-configuration.html">Fediz Configuration</a></li><li><a shape="rect"
href="fediz-extensions.html">Fediz Extensions</a></li><li><a shape="rect"
href="fediz-tomcat.html">Apache Tomcat</a></li><li><a shape="rect"
href="fediz-jetty.html">Jetty<br clear="none"></a></li><li><a shape="rect"
href="fediz-spring.html">Spring Security 3.1<br clear="none"></a></li><li><a
shape="rect" href="fediz-websphere.html">Websphere 7/8<br
clear="none"></a></li><li><a shape="rect" href="fediz-cxf.html">CXF<br
clear="none"></a></li></ul></li><li><a shape="rect"
href="fediz-idp-11.html">Fediz IdP</a></li><li><a shape="rect"
href="fediz-idp-10.html">Fediz IdP 1.0</a> (deprecated)</li><li><a shape="rect"
href="fediz-metadata.html">Fediz Metadata</a></li><li><a shape="rect"
href="fediz-samples.html">Fediz Samples</a></li><li><a shape="rect"
href="fediz-articles.html">Fediz Articles</a></li><li><a shape="rect"
href="fediz-history.html">Fediz History</a></li></ul><p><br
clear="none"></p></div>
+<div id="ConfluenceContent"><h1
id="Fediz-ApacheCXFFediz:AnOpen-SourceWebSecurityFramework">Apache CXF Fediz:
An Open-Source Web Security Framework</h1><h2
id="Fediz-Overview">Overview</h2><p>Apache CXF Fediz is a subproject of CXF.
Fediz helps you to secure your web applications and delegates security
enforcement to the underlying application server. With Fediz, authentication is
externalized from your web application to an identity provider installed as a
dedicated server component. Apache CXF Fediz supports both <a shape="rect"
class="external-link"
href="http://docs.oasis-open.org/wsfed/federation/v1.2/os/ws-federation-1.2-spec-os.html#_Toc223175002";
rel="nofollow">WS-Federation Passive Requestor Profile</a> and the <a
shape="rect" class="external-link"
href="https://docs.oasis-open.org/security/saml/v2.0/saml-profiles-2.0-os.pdf";
rel="nofollow">SAML Web Browser SSO Profile</a>. Fediz supports <a shape="rect"
class="external-link" href="http://en.wikipedia.org/wiki/Claims-based_
identity" rel="nofollow">Claims Based Access Control</a> beyond Role Based
Access Control (RBAC).</p><h2
id="Fediz-News">News</h2><p><strong><strong><strong><strong>June 29, 2018 -
<strong><strong>Apache CXF Fediz 1.4.4</strong></strong>
released</strong></strong></strong></strong></p><p>Apache CXF Fediz 1.4.4 has
been released. A new security advisory has been released for an issue that was
fixed in this release:</p><ul><li><a shape="rect"
href="http://cxf.apache.org/security-advisories.data/CVE-2018-8038.txt.asc";>CVE-2018-8038</a>:
Apache CXF Fediz is vulnerable to DTD based XML
attacks.</li></ul><p><strong><strong><strong><strong>November 30, 2017 -
<strong><strong>Apache CXF Fediz 1.4.</strong></strong>3 and 1.3.3
released</strong></strong></strong></strong></p><p>Apache CXF Fediz 1.4.3 and
1.3.3 have been released. A new security advisory has been released for an
issue that was fixed in these releases:</p><ul><li><a shape="rect"
href="http://cxf.apache.org/security-advisories.d
ata/CVE-2017-12631.txt.asc">CVE-2017-12631</a>: CSRF vulnerabilities in
the Apache CXF Fediz Spring plugins.</li></ul><h2
id="Fediz-Download">Download</h2><p>See <a shape="rect"
href="fediz-downloads.html">here</a>.</p><h2 id="Fediz-ProjectSource">Project
Source</h2><p>The Apache CXF Fediz sources are hosted at <a shape="rect"
class="external-link" href="https://gitbox.apache.org/";>Apache gitbox</a>. This
includes a full two way sync with github. As github provides the nicer user
interface we now recommend to directly work on the github cxf
repo.</p><ul><li>Web Browsing: <a shape="rect" class="external-link"
href="https://github.com/apache/cxf-fediz";
rel="nofollow">https://github.com/apache/cxf-fediz</a></li><li>Checking out
from GIT: git clone g...@github.com:apache/cxf-fediz.git</li></ul><p>CXF
committers can directly commit to github after doing the <a shape="rect"
class="external-link"
href="https://gitbox.apache.org/setup/";>Apache gitbox setup</a>. Be aware t
hat the sync might take half an hour before you are added to the CXF github
group.</p><ul><li>Forking and Pull Requests: See <a shape="rect"
href="getting-involved.html">Getting Involved</a></li><li>Building the Source:
Follow the <a shape="rect" class="external-link"
href="https://github.com/apache/cxf-fediz/blob/master/BUILDING.txt";
rel="nofollow">BUILDING.txt</a> file in the Fediz download for full build
instructions.</li><li>Eclipse: See <a shape="rect"
href="http://cxf.apache.org/setting-up-eclipse.html";>this page</a> for
information on using the Eclipse IDE with the Fediz source code. This page is
created for CXF but the same commands are applicable for Fediz
too.</li></ul><h2 id="Fediz-ApacheCXFFedizuserguide">Apache CXF Fediz user
guide</h2><ul><li><a shape="rect"
href="fediz-introduction.html">Introduction</a></li><li><a shape="rect"
href="fediz-architecture.html">Fediz Architecture</a></li><li>Relying Party
Containers<br clear="none"><ul><li><a shape="rect" href="fedi
z-configuration.html">Fediz Configuration</a></li><li><a shape="rect"
href="fediz-extensions.html">Fediz Extensions</a></li><li><a shape="rect"
href="fediz-tomcat.html">Apache Tomcat</a></li><li><a shape="rect"
href="fediz-jetty.html">Jetty<br clear="none"></a></li><li><a shape="rect"
href="fediz-spring.html">Spring Security<br clear="none"></a></li><li><a
shape="rect" href="fediz-websphere.html">Websphere 7/8<br
clear="none"></a></li><li><a shape="rect" href="fediz-cxf.html">CXF<br
clear="none"></a></li></ul></li><li><a shape="rect"
href="fediz-idp-11.html">Fediz IdP</a></li><li><a shape="rect"
href="fediz-idp-10.html">Fediz IdP 1.0</a> (deprecated)</li><li><a shape="rect"
href="fediz-metadata.html">Fediz Metadata</a></li><li><a shape="rect"
href="fediz-samples.html">Fediz Samples</a></li><li><a shape="rect"
href="fediz-articles.html">Fediz Articles</a></li><li><a shape="rect"
href="fediz-history.html">Fediz History</a></li></ul><p><br
clear="none"></p></div>
</div>
<!-- Content -->
</td>
