Author: buildbot
Date: Tue Jun 17 09:46:53 2014
New Revision: 912827
Log:
Production update by buildbot for cxf
Modified:
websites/production/cxf/content/cache/main.pageCache
websites/production/cxf/content/fediz-downloads.html
websites/production/cxf/content/fediz.html
Modified: websites/production/cxf/content/cache/main.pageCache
==============================================================================
Binary files - no diff available.
Modified: websites/production/cxf/content/fediz-downloads.html
==============================================================================
--- websites/production/cxf/content/fediz-downloads.html (original)
+++ websites/production/cxf/content/fediz-downloads.html Tue Jun 17 09:46:53
2014
@@ -108,71 +108,23 @@ Apache CXF -- Fediz Downloads
<td height="100%">
<!-- Content -->
<div class="wiki-content">
-<div id="ConfluenceContent"><h1 id="FedizDownloads-Releases">Releases</h1>
-
-<h2 id="FedizDownloads-1.1.0">1.1.0</h2>
-<p>The 1.1.0 release is our latest release. For more information please see
the <a shape="rect" class="external-link"
href="http://svn.apache.org/viewvc/cxf/fediz/tags/fediz-1.1.0/release_notes.txt?view=markup";>release
notes</a> and the <a shape="rect" href="migration-guide-11.html">migration
guide</a>.</p>
-<div class="table-wrap"><table class="confluenceTable"><tbody><tr><th
colspan="1" rowspan="1" class="confluenceTh"><p>Description</p></th><th
colspan="1" rowspan="1" class="confluenceTh"><p>File</p></th><th colspan="1"
rowspan="1" class="confluenceTh"><p>MD5</p></th><th colspan="1" rowspan="1"
class="confluenceTh"><p>SHA1</p></th><th colspan="1" rowspan="1"
class="confluenceTh"><p>PGP</p></th></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p>Binary distribution</p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p><a shape="rect" class="external-link"
href="http://www.apache.org/dyn/closer.cgi?path=/cxf/fediz/1.1.0/apache-fediz-1.1.0.zip";>apache-fediz-1.1.0.zip</a></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><a shape="rect"
class="external-link"
href="http://www.apache.org/dist/cxf/fediz/1.1.0/apache-fediz-1.1.0.zip.md5";>apache-fediz-1.1.0.zip.md5</a></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><a shape="rect"
class="external-link" hr
ef="http://www.apache.org/dist/cxf/fediz/1.1.0/apache-fediz-1.1.0.zip.sha1";>apache-fediz-1.1.0.zip.sha1</a></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><a shape="rect"
class="external-link"
href="http://www.apache.org/dist/cxf/fediz/1.1.0/apache-fediz-1.1.0.zip.asc";>apache-fediz-1.1.0.zip.asc</a></p></td></tr><tr><td></td></tr><tr><td
colspan="1" rowspan="1" class="confluenceTd"><p>Source
distribution</p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><a
shape="rect" class="external-link"
href="http://www.apache.org/dyn/closer.cgi?path=/cxf/fediz/1.1.0/fediz-1.1.0-source-release.zip";>fediz-1.1.0-source-release.zip</a></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><a shape="rect"
class="external-link"
href="http://www.apache.org/dist/cxf/fediz/1.1.0/fediz-1.1.0-source-release.zip.md5";>fediz-1.1.0-source-release.zip.md5</a></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><a shape="rect"
class="external-link" href="http://www.apache.or
g/dist/cxf/fediz/1.1.0/fediz-1.1.0-source-release.zip.sha1">fediz-1.1.0-source-release.zip.sha1</a></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><a shape="rect"
class="external-link"
href="http://www.apache.org/dist/cxf/fediz/1.1.0/fediz-1.1.0-source-release.zip.asc";>fediz-1.1.0-source-release.zip.asc</a></p></td></tr><tr><td></td></tr></tbody></table></div>
-
-
-<h2 id="FedizDownloads-1.0.3">1.0.3</h2>
-<p>The 1.0.3 release is our latest patch release for 1.0. For more information
please see the <a shape="rect" class="external-link"
href="http://svn.apache.org/viewvc/cxf/fediz/tags/fediz-1.0.3/release_notes.txt?view=markup";>release
notes</a>.</p>
-
-<div class="table-wrap"><table class="confluenceTable"><tbody><tr><th
colspan="1" rowspan="1" class="confluenceTh"><p>Description</p></th><th
colspan="1" rowspan="1" class="confluenceTh"><p>File</p></th><th colspan="1"
rowspan="1" class="confluenceTh"><p>MD5</p></th><th colspan="1" rowspan="1"
class="confluenceTh"><p>SHA1</p></th><th colspan="1" rowspan="1"
class="confluenceTh"><p>PGP</p></th></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p>Binary distribution</p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p><a shape="rect" class="external-link"
href="http://www.apache.org/dyn/closer.cgi?path=/cxf/fediz/1.0.3/apache-fediz-1.0.3.zip";>apache-fediz-1.0.3.zip</a></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><a shape="rect"
class="external-link"
href="http://www.apache.org/dist/cxf/fediz/1.0.3/apache-fediz-1.0.3.zip.md5";>apache-fediz-1.0.3.zip.md5</a></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><a shape="rect"
class="external-link" hr
ef="http://www.apache.org/dist/cxf/fediz/1.0.3/apache-fediz-1.0.3.zip.sha1";>apache-fediz-1.0.3.zip.sha1</a></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><a shape="rect"
class="external-link"
href="http://www.apache.org/dist/cxf/fediz/1.0.3/apache-fediz-1.0.3.zip.asc";>apache-fediz-1.0.3.zip.asc</a></p></td></tr><tr><td></td></tr><tr><td
colspan="1" rowspan="1" class="confluenceTd"><p>Source
distribution</p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><a
shape="rect" class="external-link"
href="http://www.apache.org/dyn/closer.cgi?path=/cxf/fediz/1.0.3/fediz-1.0.3-source-release.zip";>fediz-1.0.3-source-release.zip</a></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><a shape="rect"
class="external-link"
href="http://www.apache.org/dist/cxf/fediz/1.0.3/fediz-1.0.3-source-release.zip.md5";>fediz-1.0.3-source-release.zip.md5</a></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><a shape="rect"
class="external-link" href="http://www.apache.or
g/dist/cxf/fediz/1.0.3/fediz-1.0.3-source-release.zip.sha1">fediz-1.0.3-source-release.zip.sha1</a></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><a shape="rect"
class="external-link"
href="http://www.apache.org/dist/cxf/fediz/1.0.3/fediz-1.0.3-source-release.zip.asc";>fediz-1.0.3-source-release.zip.asc</a></p></td></tr><tr><td></td></tr></tbody></table></div>
-
-
-<h2 id="FedizDownloads-VerifyingReleases">Verifying Releases</h2>
-<p>When downloading from a mirror please check the MD5 and SHA1 checksums as
well as verifying the OpenPGP compatible signature available from the main
Apache site. The <a shape="rect" class="external-link"
href="http://www.apache.org/dist/cxf/KEYS";>KEYS</a> file contains the public
keys used for signing release. It is recommended that a web of trust is used to
confirm the identity of these keys.</p>
-
-<p>You can check the OpenPGP signature with:</p>
-<div class="code panel pdl" style="border-width: 1px;"><div class="codeContent
panelContent pdl">
-<script class="theme: Default; brush: java; gutter: false"
type="syntaxhighlighter"><![CDATA[
-gpg --verify apache-fediz-*.zip.asc
+<div id="ConfluenceContent"><h1 id="FedizDownloads-Releases">Releases</h1><h2
id="FedizDownloads-1.1.1">1.1.1</h2><p>The 1.1.1 release is our latest release.
For more information please see the <a shape="rect" class="external-link"
href="https://git-wip-us.apache.org/repos/asf?p=cxf-fediz.git;a=blob_plain;f=release_notes.txt;hb=5500f3cbf061b8f5b2d763e020df35516823d4e6";>release
notes</a> and the <a shape="rect" href="migration-guide-11.html">migration
guide</a>.</p><div class="table-wrap"><table
class="confluenceTable"><tbody><tr><th colspan="1" rowspan="1"
class="confluenceTh"><p>Description</p></th><th colspan="1" rowspan="1"
class="confluenceTh"><p>File</p></th><th colspan="1" rowspan="1"
class="confluenceTh"><p>MD5</p></th><th colspan="1" rowspan="1"
class="confluenceTh"><p>SHA1</p></th><th colspan="1" rowspan="1"
class="confluenceTh"><p>PGP</p></th></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p>Binary distribution</p></td><td colspan="1" rowspan="1"
class="confluen
ceTd"><p><a shape="rect" class="external-link"
href="http://www.apache.org/dyn/closer.cgi?path=/cxf/fediz/1.1.1/apache-fediz-1.1.1.zip";>apache-fediz-1.1.1.zip</a></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><a shape="rect"
class="external-link"
href="http://www.apache.org/dist/cxf/fediz/1.1.1/apache-fediz-1.1.1.zip.md5";>apache-fediz-1.1.1.zip.md5</a></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><a shape="rect"
class="external-link"
href="http://www.apache.org/dist/cxf/fediz/1.1.1/apache-fediz-1.1.1.zip.sha1";>apache-fediz-1.1.1.zip.sha1</a></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><a shape="rect"
class="external-link"
href="http://www.apache.org/dist/cxf/fediz/1.1.1/apache-fediz-1.1.1.zip.asc";>apache-fediz-1.1.1.zip.asc</a></p></td></tr><tr><td
colspan="1" rowspan="1" class="confluenceTd"><p>Source
distribution</p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><a
shape="rect" class="external-link" href="http://www.apache.org
/dyn/closer.cgi?path=/cxf/fediz/1.1.1/fediz-1.1.1-source-release.zip">fediz-1.1.1-source-release.zip</a></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><a shape="rect"
class="external-link"
href="http://www.apache.org/dist/cxf/fediz/1.1.1/fediz-1.1.1-source-release.zip.md5";>fediz-1.1.1-source-release.zip.md5</a></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><a shape="rect"
class="external-link"
href="http://www.apache.org/dist/cxf/fediz/1.1.1/fediz-1.1.1-source-release.zip.sha1";>fediz-1.1.1-source-release.zip.sha1</a></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><a shape="rect"
class="external-link"
href="http://www.apache.org/dist/cxf/fediz/1.1.1/fediz-1.1.1-source-release.zip.asc";>fediz-1.1.1-source-release.zip.asc</a></p></td></tr></tbody></table></div><h2
id="FedizDownloads-1.0.4">1.0.4</h2><p>The 1.0.4 release is our latest patch
release for 1.0. For more information please see the <a shape="rect"
class="external-link" href="https://git
-wip-us.apache.org/repos/asf?p=cxf-fediz.git;a=blob_plain;f=release_notes.txt;hb=22686242998f89d6bbc0e96167eed1453c5350e6">release
notes</a>.</p><div class="table-wrap"><table
class="confluenceTable"><tbody><tr><th colspan="1" rowspan="1"
class="confluenceTh"><p>Description</p></th><th colspan="1" rowspan="1"
class="confluenceTh"><p>File</p></th><th colspan="1" rowspan="1"
class="confluenceTh"><p>MD5</p></th><th colspan="1" rowspan="1"
class="confluenceTh"><p>SHA1</p></th><th colspan="1" rowspan="1"
class="confluenceTh"><p>PGP</p></th></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p>Binary distribution</p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p><a shape="rect" class="external-link"
href="http://www.apache.org/dyn/closer.cgi?path=/cxf/fediz/1.0.4/apache-fediz-1.0.4.zip";>apache-fediz-1.0.4.zip</a></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><a shape="rect"
class="external-link"
href="http://www.apache.org/dist/cxf/fediz/1.0.4/apache-fediz-1
.0.4.zip.md5">apache-fediz-1.0.4.zip.md5</a></p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p><a shape="rect" class="external-link"
href="http://www.apache.org/dist/cxf/fediz/1.0.4/apache-fediz-1.0.4.zip.sha1";>apache-fediz-1.0.4.zip.sha1</a></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><a shape="rect"
class="external-link"
href="http://www.apache.org/dist/cxf/fediz/1.0.4/apache-fediz-1.0.4.zip.asc";>apache-fediz-1.0.4.zip.asc</a></p></td></tr><tr><td
colspan="1" rowspan="1" class="confluenceTd"><p>Source
distribution</p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><a
shape="rect" class="external-link"
href="http://www.apache.org/dyn/closer.cgi?path=/cxf/fediz/1.0.4/fediz-1.0.4-source-release.zip";>fediz-1.0.4-source-release.zip</a></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><a shape="rect"
class="external-link"
href="http://www.apache.org/dist/cxf/fediz/1.0.4/fediz-1.0.4-source-release.zip.md5";>fediz-1.0.4-source-release.zip.md5</
a></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><a shape="rect"
class="external-link"
href="http://www.apache.org/dist/cxf/fediz/1.0.4/fediz-1.0.4-source-release.zip.sha1";>fediz-1.0.4-source-release.zip.sha1</a></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><a shape="rect"
class="external-link"
href="http://www.apache.org/dist/cxf/fediz/1.0.4/fediz-1.0.4-source-release.zip.asc";>fediz-1.0.4-source-release.zip.asc</a></p></td></tr></tbody></table></div><h2
id="FedizDownloads-VerifyingReleases">Verifying Releases</h2><p>When
downloading from a mirror please check the MD5 and SHA1 checksums as well as
verifying the OpenPGP compatible signature available from the main Apache site.
The <a shape="rect" class="external-link"
href="http://www.apache.org/dist/cxf/KEYS";>KEYS</a> file contains the public
keys used for signing release. It is recommended that a web of trust is used to
confirm the identity of these keys.</p><p>You can check the OpenPGP signature
with:<
/p><div class="code panel pdl" style="border-width: 1px;"><div
class="codeContent panelContent pdl">
+<script class="theme: Default; brush: java; gutter: false"
type="syntaxhighlighter"><![CDATA[gpg --verify apache-fediz-*.zip.asc
]]></script>
-</div></div>
-
-<p>You can check the MD5 checksum with:</p>
-<div class="code panel pdl" style="border-width: 1px;"><div class="codeContent
panelContent pdl">
-<script class="theme: Default; brush: java; gutter: false"
type="syntaxhighlighter"><![CDATA[
-md5sum --check apache-fediz-*.zip.md5
+</div></div><p>You can check the MD5 checksum with:</p><div class="code panel
pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
+<script class="theme: Default; brush: java; gutter: false"
type="syntaxhighlighter"><![CDATA[md5sum --check apache-fediz-*.zip.md5
]]></script>
-</div></div>
-
-<p>You can check the SHA1 checksum with:</p>
-<div class="code panel pdl" style="border-width: 1px;"><div class="codeContent
panelContent pdl">
-<script class="theme: Default; brush: java; gutter: false"
type="syntaxhighlighter"><![CDATA[
-sha1sum --check apache-fediz-*.zip.sha1
+</div></div><p>You can check the SHA1 checksum with:</p><div class="code panel
pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
+<script class="theme: Default; brush: java; gutter: false"
type="syntaxhighlighter"><![CDATA[sha1sum --check apache-fediz-*.zip.sha1
]]></script>
-</div></div>
-
-<h1 id="FedizDownloads-Previousreleases">Previous releases</h1>
-
-<p>Previous releases are all archived in the apache archive: <a shape="rect"
class="external-link"
href="http://archive.apache.org/dist/cxf/fediz";>http://archive.apache.org/dist/cxf/fediz</a></p>
-
-<h1 id="FedizDownloads-Snapshots">Snapshots</h1>
-
- <div class="aui-message hint shadowed information-macro">
+</div></div><h1 id="FedizDownloads-Previousreleases">Previous
releases</h1><p>Previous releases are all archived in the apache archive: <a
shape="rect" class="external-link"
href="http://archive.apache.org/dist/cxf/fediz";>http://archive.apache.org/dist/cxf/fediz</a></p><h1
id="FedizDownloads-Snapshots">Snapshots</h1> <div class="aui-message hint
shadowed information-macro">
<p class="title">Warning about snapshots</p>
<span class="aui-icon icon-hint">Icon</span>
<div class="message-content">
-
-<p>These are snapshot builds - untested builds provided for your convenience.
They have not been tested, and are not official releases of the Apache CXF
Fediz project or the Apache Software Foundation. </p>
+ <p>These are snapshot builds - untested builds
provided for your convenience. They have not been tested, and are not official
releases of the Apache CXF Fediz project or the Apache Software Foundation.</p>
</div>
</div>
-
-
-<p>1.1.1 <a shape="rect" class="external-link"
href="https://repository.apache.org/content/groups/snapshots/org/apache/cxf/fediz/apache-fediz/1.1.1-SNAPSHOT/";>https://repository.apache.org/content/groups/snapshots/org/apache/cxf/fediz/apache-fediz/1.1.1-SNAPSHOT/</a></p>
-
-<p>1.0.4 <a shape="rect" class="external-link"
href="https://repository.apache.org/content/groups/snapshots/org/apache/cxf/fediz/apache-fediz/1.0.4-SNAPSHOT/";>https://repository.apache.org/content/groups/snapshots/org/apache/cxf/fediz/apache-fediz/1.0.4-SNAPSHOT/</a></p>
-
-<h1 id="FedizDownloads-Maven2Repositories">Maven 2 Repositories</h1>
-<p>If you use Maven 2 for building your applications, Apache CXF Fediz
artifacts are available from the following repository URLS:</p>
-
-<h3 id="FedizDownloads-Releases:">Releases:</h3>
-<p>All supported CXF releases are synced into the Maven central repository: <a
shape="rect" class="external-link" href="http://repo1.maven.org/maven2/";
rel="nofollow">http://repo1.maven.org/maven2/</a></p>
-
-<h3 id="FedizDownloads-Snapshots:">Snapshots:</h3>
-<p>Snapshots are available in Apache's Maven snapshot repository: <a
shape="rect" class="external-link"
href="http://repository.apache.org/snapshots";>http://repository.apache.org/snapshots</a></p></div>
+<p>1.1.2 <a shape="rect" class="external-link"
href="https://repository.apache.org/content/groups/snapshots/org/apache/cxf/fediz/apache-fediz/1.1.1-SNAPSHOT/";>https://repository.apache.org/content/groups/snapshots/org/apache/cxf/fediz/apache-fediz/1.1.2-SNAPSHOT/</a></p><h1
id="FedizDownloads-Maven2Repositories">Maven 2 Repositories</h1><p>If you use
Maven 2 for building your applications, Apache CXF Fediz artifacts are
available from the following repository URLS:</p><h3
id="FedizDownloads-Releases:">Releases:</h3><p>All supported CXF releases are
synced into the Maven central repository: <a shape="rect" class="external-link"
href="http://repo1.maven.org/maven2/";
rel="nofollow">http://repo1.maven.org/maven2/</a></p><h3
id="FedizDownloads-Snapshots:">Snapshots:</h3><p>Snapshots are available in
Apache's Maven snapshot repository: <a shape="rect" class="external-link"
href="http://repository.apache.org/snapshots";>http://repository.apache.org/snapshots</a></p></div>
</div>
<!-- Content -->
</td>
Modified: websites/production/cxf/content/fediz.html
==============================================================================
--- websites/production/cxf/content/fediz.html (original)
+++ websites/production/cxf/content/fediz.html Tue Jun 17 09:46:53 2014
@@ -99,7 +99,7 @@ Apache CXF -- Fediz
<td height="100%">
<!-- Content -->
<div class="wiki-content">
-<div id="ConfluenceContent"><h1
id="Fediz-ApacheCXFFediz:AnOpen-SourceWebSecurityFramework">Apache CXF Fediz:
An Open-Source Web Security Framework</h1><h2
id="Fediz-Overview">Overview</h2><p>Apache CXF Fediz is a subproject of CXF.
Fediz helps you to secure your web applications and delegates security
enforcement to the underlying application server. With Fediz, authentication is
externalized from your web application to an identity provider installed as a
dedicated server component. The supported standard is <a shape="rect"
class="external-link"
href="http://docs.oasis-open.org/wsfed/federation/v1.2/os/ws-federation-1.2-spec-os.html#_Toc223175002";
rel="nofollow">WS-Federation Passive Requestor Profile</a>. Fediz supports <a
shape="rect" class="external-link"
href="http://en.wikipedia.org/wiki/Claims-based_identity"; rel="nofollow">Claims
Based Access Control</a> beyond Role Based Access Control (RBAC).</p><h2
id="Fediz-News">News</h2><p>*November 9, 2013 - Apache CXF Fediz 1.1.0 re
leased!</p><p>Apache CXF Fediz 1.1.0 has been released. For more information,
please go <a shape="rect" href="fediz-downloads.html">here</a>.</p><h2
id="Fediz-Features">Features</h2><p>The following features are supported by
Fediz 1.1</p><ul><li>WS-Federation 1.0/1.1/1.2</li><li>SAML 1.1/2.0
Tokens</li><li>Support for encrypted SAML Tokens (Release 1.1)</li><li>Support
for Holder-Of-Key SubjectConfirmationMethod (1.1)</li><li>Custom token
Support</li><li>Publish WS-Federation Metadata document</li><li>Role
information encoded as AttributeStatement in SAML 1.1/2.0 tokens</li><li>Claims
information provided by FederationPrincipal Interface</li><li>Support for
Tomcat, Jetty, Websphere, Spring Security and CXF (1.1)</li><li>Fediz IDP
supports "Resource IDP" role as well (1.1)</li></ul><p>The following features
are planned for the next release:</p><ul><li>support for other protocols like
SAML-P, OAuth</li></ul><p>You can get the current status of the enhancements <a
shape="rect" class="e
xternal-link" href="https://issues.apache.org/jira/browse/FEDIZ";>here
</a>.</p><h2 id="Fediz-Architecture">Architecture</h2><p>The Fediz architecture
is described in more detail <a shape="rect"
href="fediz-architecture.html">here</a>.</p><h2
id="Fediz-Download">Download</h2><p>See <a shape="rect"
href="fediz-downloads.html">here</a>.</p><h2 id="Fediz-Gettingstarted">Getting
started</h2><p>The WS-Federation specification defines the following parties
involved during a web login:</p><ul><li>Browser</li><li>Identity Provider
(IDP)<br clear="none"> The IDP is a centralized, application independent
runtime component which implements the protocol defined by WS-Federation. You
can use any open source or commercial product that supports WS-Federation
1.1/1.2 as your IDP. It's recommended to use the Fediz IDP for testing as it
allows for testing your web application in a sandbox without having all
infrastructure components available. The Fediz IDP consists of two WAR
components. The Security
Token Service (STS) does most of the work including user authentication,
claims/role data retrieval and creating the SAML token. The IDP WAR translates
the response to an HTML response allowing a browser to process
it.</li><li>Relying Party (RP)<br clear="none"> The RP is a web application
that needs to be protected. The RP must be able to implement the protocol as
defined by WS-Federation. This component is called "Fediz Plugin" in this
project which consists of container agnostic module/jar and a container
specific jar. When an authenticated request is detected by the plugin it
redirects to the IDP for authentication. The browser sends the response from
the IDP to the RP after successful authentication. The RP validates the
response and creates the container security context.</li></ul><p>It's
recommended to deploy the IDP and the web application (RP) into different
container instances as in a production deployment. The container with the IDP
can be used during development and tes
ting for multiple web applications needing security.</p><h3
id="Fediz-SettinguptheIDP">Setting up the IDP</h3><p>The installation and
configuration of the IDP is documented <a shape="rect"
href="fediz-idp-11.html">here</a></p><h3
id="Fediz-SetuptheRelyingPartyContainer">Set up the Relying Party
Container</h3><p>The Fediz plugin needs to be deployed into the Relying Party
(RP) container. The security mechanism is not specified by JEE. Even though it
is very similar in each servlet container there are some differences which
require a dedicated Fediz plugin for each servlet container implementation.
Most of the configuration goes into a Servlet container independent
configuration file which is described <a shape="rect"
href="fediz-configuration.html">here</a></p><p>The following lists shows the
supported containers and the location of the installation and configuration
page.</p><ul><li><a shape="rect" href="fediz-tomcat.html">Tomcat 7
</a></li><li><a shape="rect" href="fediz-jetty.html
">Jetty 7/8 (1.1)</a></li><li><a shape="rect" href="fediz-spring.html">Spring
Security 3.1 (1.1)</a></li><li><a shape="rect"
href="fediz-websphere.html">Websphere 7/8 (1.1)</a></li><li><a shape="rect"
href="fediz-cxf.html">CXF (1.1) </a></li></ul><h2
id="Fediz-Samples">Samples</h2><p>The examples directory contains two sample
relying party applications. They are independent of each other, so it is not
necessary to deploy both at once.</p><p>Each sample is described in a
<code>README.txt</code> file located in the base directory of each
sample.</p><div class="table-wrap"><table
class="confluenceTable"><tbody><tr><th colspan="1" rowspan="1"
class="confluenceTh"><p>Sample</p></th><th colspan="1" rowspan="1"
class="confluenceTh"><p>Description</p></th></tr><tr><td colspan="1"
rowspan="1" class="confluenceTd"><p><strong>simpleWebapp</strong></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p>a simple web application which
is protected by the Fediz IDP. The FederationServlet illu
strates how to get security information using the standard
APIs.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><strong>wsclientWebapp</strong></p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p>a protected web application that calls a
web service that uses the Fediz STS to validate credentials. Here, the same STS
is used for token issuance (indirectly, by the web application through use of
the Fediz IDP) and validation. The FederationServlet illustrates how to
securely call a web service.</p></td></tr></tbody></table></div><p><span
class="confluence-anchor-link" id="Fediz-building"></span></p><h2
id="Fediz-Building">Building</h2><p>Check out the code from
here:</p><ul><li>git<br clear="none"> git clone -v <a shape="rect"
class="external-link"
href="https://git-wip-us.apache.org/repos/asf/cxf-fediz.git";>https://git-wip-us.apache.org/repos/asf/cxf-fediz.git</a></li></ul><p>Then
follow the <a shape="rect" class="external-link" href="http://svn.apache.org
/viewvc/cxf/fediz/trunk/BUILDING.txt?view=markup">BUILDING.txt</a> file in the
Fediz download for full build instructions.</p><h5
id="Fediz-SettingupEclipse:">Setting up Eclipse:</h5><p>See <a shape="rect"
href="http://cxf.apache.org/setting-up-eclipse.html";>this page</a> for
information on using the Eclipse IDE with the Fediz source code. This page is
created for CXF but the same commands are applicable for Fediz too.</p></div>
+<div id="ConfluenceContent"><h1
id="Fediz-ApacheCXFFediz:AnOpen-SourceWebSecurityFramework">Apache CXF Fediz:
An Open-Source Web Security Framework</h1><h2
id="Fediz-Overview">Overview</h2><p>Apache CXF Fediz is a subproject of CXF.
Fediz helps you to secure your web applications and delegates security
enforcement to the underlying application server. With Fediz, authentication is
externalized from your web application to an identity provider installed as a
dedicated server component. The supported standard is <a shape="rect"
class="external-link"
href="http://docs.oasis-open.org/wsfed/federation/v1.2/os/ws-federation-1.2-spec-os.html#_Toc223175002";
rel="nofollow">WS-Federation Passive Requestor Profile</a>. Fediz supports <a
shape="rect" class="external-link"
href="http://en.wikipedia.org/wiki/Claims-based_identity"; rel="nofollow">Claims
Based Access Control</a> beyond Role Based Access Control (RBAC).</p><h2
id="Fediz-News">News</h2><p>*June 16, 2014 - Apache CXF Fediz 1.1.1 relea
sed!</p><p>Apache CXF Fediz 1.1.1 has been released. For more information,
please go <a shape="rect" href="fediz-downloads.html">here</a>.</p><h2
id="Fediz-Features">Features</h2><p>The following features are supported by
Fediz 1.1</p><ul><li>WS-Federation 1.0/1.1/1.2</li><li>SAML 1.1/2.0
Tokens</li><li>Support for encrypted SAML Tokens (Release 1.1)</li><li>Support
for Holder-Of-Key SubjectConfirmationMethod (1.1)</li><li>Custom token
Support</li><li>Publish WS-Federation Metadata document</li><li>Role
information encoded as AttributeStatement in SAML 1.1/2.0 tokens</li><li>Claims
information provided by FederationPrincipal Interface</li><li>Support for
Tomcat, Jetty, Websphere, Spring Security and CXF (1.1)</li><li>Fediz IDP
supports "Resource IDP" role as well (1.1)</li></ul><p>The following features
are planned for the next release:</p><ul><li>support for other protocols like
SAML-P, OAuth</li></ul><p>You can get the current status of the enhancements <a
shape="rect" class="exte
rnal-link" href="https://issues.apache.org/jira/browse/FEDIZ";>here
</a>.</p><h2 id="Fediz-Architecture">Architecture</h2><p>The Fediz architecture
is described in more detail <a shape="rect"
href="fediz-architecture.html">here</a>.</p><h2
id="Fediz-Download">Download</h2><p>See <a shape="rect"
href="fediz-downloads.html">here</a>.</p><h2 id="Fediz-Gettingstarted">Getting
started</h2><p>The WS-Federation specification defines the following parties
involved during a web login:</p><ul><li>Browser</li><li>Identity Provider
(IDP)<br clear="none"> The IDP is a centralized, application independent
runtime component which implements the protocol defined by WS-Federation. You
can use any open source or commercial product that supports WS-Federation
1.1/1.2 as your IDP. It's recommended to use the Fediz IDP for testing as it
allows for testing your web application in a sandbox without having all
infrastructure components available. The Fediz IDP consists of two WAR
components. The Security To
ken Service (STS) does most of the work including user authentication,
claims/role data retrieval and creating the SAML token. The IDP WAR translates
the response to an HTML response allowing a browser to process
it.</li><li>Relying Party (RP)<br clear="none"> The RP is a web application
that needs to be protected. The RP must be able to implement the protocol as
defined by WS-Federation. This component is called "Fediz Plugin" in this
project which consists of container agnostic module/jar and a container
specific jar. When an authenticated request is detected by the plugin it
redirects to the IDP for authentication. The browser sends the response from
the IDP to the RP after successful authentication. The RP validates the
response and creates the container security context.</li></ul><p>It's
recommended to deploy the IDP and the web application (RP) into different
container instances as in a production deployment. The container with the IDP
can be used during development and testin
g for multiple web applications needing security.</p><h3
id="Fediz-SettinguptheIDP">Setting up the IDP</h3><p>The installation and
configuration of the IDP is documented <a shape="rect"
href="fediz-idp-11.html">here</a></p><h3
id="Fediz-SetuptheRelyingPartyContainer">Set up the Relying Party
Container</h3><p>The Fediz plugin needs to be deployed into the Relying Party
(RP) container. The security mechanism is not specified by JEE. Even though it
is very similar in each servlet container there are some differences which
require a dedicated Fediz plugin for each servlet container implementation.
Most of the configuration goes into a Servlet container independent
configuration file which is described <a shape="rect"
href="fediz-configuration.html">here</a></p><p>The following lists shows the
supported containers and the location of the installation and configuration
page.</p><ul><li><a shape="rect" href="fediz-tomcat.html">Tomcat 7
</a></li><li><a shape="rect" href="fediz-jetty.html">J
etty 7/8 (1.1)</a></li><li><a shape="rect" href="fediz-spring.html">Spring
Security 3.1 (1.1)</a></li><li><a shape="rect"
href="fediz-websphere.html">Websphere 7/8 (1.1)</a></li><li><a shape="rect"
href="fediz-cxf.html">CXF (1.1) </a></li></ul><h2
id="Fediz-Samples">Samples</h2><p>The examples directory contains two sample
relying party applications. They are independent of each other, so it is not
necessary to deploy both at once.</p><p>Each sample is described in a
<code>README.txt</code> file located in the base directory of each
sample.</p><div class="table-wrap"><table
class="confluenceTable"><tbody><tr><th colspan="1" rowspan="1"
class="confluenceTh"><p>Sample</p></th><th colspan="1" rowspan="1"
class="confluenceTh"><p>Description</p></th></tr><tr><td colspan="1"
rowspan="1" class="confluenceTd"><p><strong>simpleWebapp</strong></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p>a simple web application which
is protected by the Fediz IDP. The FederationServlet illustr
ates how to get security information using the standard
APIs.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><strong>wsclientWebapp</strong></p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p>a protected web application that calls a
web service that uses the Fediz STS to validate credentials. Here, the same STS
is used for token issuance (indirectly, by the web application through use of
the Fediz IDP) and validation. The FederationServlet illustrates how to
securely call a web service.</p></td></tr></tbody></table></div><p><span
class="confluence-anchor-link" id="Fediz-building"></span></p><h2
id="Fediz-Building">Building</h2><p>Check out the code from
here:</p><ul><li>git clone -v <a shape="rect" class="external-link"
href="https://git-wip-us.apache.org/repos/asf/cxf-fediz.git";>https://git-wip-us.apache.org/repos/asf/cxf-fediz.git</a></li></ul><p>Then
follow the <a shape="rect" class="external-link"
href="http://svn.apache.org/viewvc/cxf/fediz/trunk/
BUILDING.txt?view=markup">BUILDING.txt</a> file in the Fediz download for full
build instructions.</p><h5 id="Fediz-SettingupEclipse:">Setting up
Eclipse:</h5><p>See <a shape="rect"
href="http://cxf.apache.org/setting-up-eclipse.html";>this page</a> for
information on using the Eclipse IDE with the Fediz source code. This page is
created for CXF but the same commands are applicable for Fediz too.</p></div>
</div>
<!-- Content -->
</td>
