[
https://issues.apache.org/jira/browse/FEDIZ-41?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13557554#comment-13557554
]
Thierry Beucher commented on FEDIZ-41:
--------------------------------------
Thank you, Colm, for your warning.
I have forked from https://github.com/apache/cxf-fediz to
https://github.com/tbrgit/cxf-fediz.
Below is the brief summary of changes and enhancements compared to first draft
patch delivery :
* Missing legal headers added
* Compliance with Checkstyle and PMD rules
* Useless SafeDispatcherServlet class removed
* Major refactoring of 'federation-webflow.xml'
** Chained protocol-oriented checks decision states have been merged
in one
** <transitions on-exception ... /> have been reviewed
* The whole now runs with Fediz team existing integration tests (Jetty
and Tomcat) for BASIC authentication
This forked delivery contains also a starting point for "full" federation by
supporting WS Federation 'whr' query parameter :
* which could be directly provided by the remote/requestor browser,
* or selected by the remote user in local/resource IDP's 'signinform.jsp'
(among available partners realms registered : see 'IDPPartners.xml' file) if
not provided.
On RP side, this feature requires a 'HomeRealmCallbackHandler' class (provided
in this delivery) configured in 'fediz_config.xml' to intercept the 'whr'
query parameter.
Of course, this delivery supersedes the previous attached patch.
Thierry.
> Fediz IDP refactored with Spring Web Flow
> -----------------------------------------
>
> Key: FEDIZ-41
> URL: https://issues.apache.org/jira/browse/FEDIZ-41
> Project: CXF-Fediz
> Issue Type: Improvement
> Components: IDP
> Reporter: Thierry Beucher
> Labels: patch
> Attachments: fediz-idp-swf.zip
>
>
> I completely refactored Fediz idp component basing on Spring WebFlow : it can
> be found as attached fediz-idp-swf.patch.
> Basically the idea was to remove complex chain of filters implementing the
> idp flow, drastically reducing the base code.
> Applying the patch, all filters are removed and the master logic is migrated
> to federation-webflow.xml.
> It implies main other changes :
> • web.xml : referencing new idp servlet handling web-flow and mapped to
> /federation relative URL,
> • new idp-servlet.xml including web-flow configuration and specific idp
> beans configuration (which sources can be found into
> org.apache.cxf.fediz.service.idp.beans package),
> • various new and modified jsp views invoked as SWF view or end states in
> flow (signinform.jsp, signinresponseform.jsp, signoutresponse.jsp,
> genericerror.jsp and blank.jsp)
> The patch supports the following features, as currently implemented in
> original fediz-idp 1.1.0-SNAPSHOT release :
> • Login
> • Logout
> • Basic authentication and Form authentication (switch from one to the
> other has currently to be set in federation-webflow.xml)
> The patch has been successfully tested with singleWebapp project and webapp &
> fedizservice projects.
> Note: the only change required for Relying Parties webapps is located in
> fediz-config.xml : the protocol issuer should no longer be
> <issuer>https://localhost:9443/fedizidp/</issuer>
> but
>
> <issuer>https://localhost:9443/fedizidp/federation</issuer>
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
