[Fediz] Spring Security 5 integration

2020-07-03 Thread Arnaud Yahoo
Hello, The documentation mentions Fediz is providing plugins for Spring Security 2, 3 and 4. Are there any plans to provide a plugin supporting Spring Security 5? Thanks, Arnaud

Re: [Fediz Tomcat Plugin] EncryptedAssertion in SAML token

2020-06-12 Thread Arnaud Yahoo
Hello, I managed to get the valve working with an EncryptedAssertion in a token. I submitted a pull request with the work I did: https://github.com/apache/cxf-fediz/pull/5 <https://github.com/apache/cxf-fediz/pull/53> Arnaud On 11/06/2020 18:53, Arnaud Yahoo wrote: Hello, It seems

[Fediz Tomcat Plugin] EncryptedAssertion in SAML token

2020-06-11 Thread Arnaud Yahoo
Hello, It seems the Fediz tomcat plugin does not support EncryptedAssertion with the SAML protocol. Is there any way to enable this? It seems tokenDecryptionKey is only consumed by the wsfed protocol. I will try to make a pull request, but it seems harder than I thought to support this. Arnaud

[Fediz tomcat valve] [SAML] NPE when KeyInfo is missing in signature.

2020-06-02 Thread Arnaud Yahoo
Hello, During a SAML authentication flow, it seems Fediz is throwing an NPE when the signature is missing KeyInfo, which is supposed to be optional (if I understand the SAML spec correctly). While processing this kind of signature http://www.w3.org/2000/09/xmldsig#;>

Fediz: Tomcat upgrade breaks tomcat plugin

2020-02-10 Thread Arnaud Yahoo
Hello, FormAuthenticator has been refactored to fix some security vulnerability issues, which breaks the Fediz tomcat plugin (as FederationAuthenticator inherits from FormAuthenticator). I have filed https://issues.apache.org/jira/browse/FEDIZ-243 to provide some explanation. Arnaud

[cxf-fediz] is there any plan for a release ?

2019-10-28 Thread Arnaud Yahoo
Hello, We are using fediz tomcat valve for SAML v2 sso authentication. This fix https://issues.apache.org/jira/browse/FEDIZ-239 is necessary for some providers (Azure AD for example), snapshot version is working fine but it would be nice to have it in a release (as there were no fediz

Re: [FEDIZ Tomcat Valve] Invalid SAML id in Signin Request

2019-04-08 Thread Arnaud Yahoo
Arnaud Yahoo wrote: It seems sometimes UUID is not valid when it starts with a number. Fixed here: https://issues.apache.org/jira/browse/FEDIZ-239 Another question: it seems NamedID policy is hard-coded with "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent". Is there any way to

[FEDIZ Tomcat Valve] Invalid SAML id in Signin Request

2019-03-29 Thread Arnaud Yahoo
Hello, Trying to authenticate against a PingFed server fails. Cause of the error is explained in their KB https://ping.force.com/Support/PingFederate/Administration/Request-or-response-rejected-with-the-log-message-String-does-not-match-pattern-for-xs-IDNEW It seems sometimes UUID is not

Fediz: SAML Authentication support with tomcat 8 plugin

2018-05-11 Thread Arnaud Yahoo
Hello, On my tomcat hosting a RP application I am trying to authenticate against a SAML IDP so I am trying to use Fediz tomcat 8 plugin (1.4.3). Authentication fails with this log: May 11, 2018 11:22:14 AM org.apache.cxf.fediz.core.processor.SAMLProcessorImpl processRelayState SEVERE:

Re: Support tomcat 9 with osgi

2018-02-08 Thread Arnaud Yahoo
is, Andy [1] https://issues.apache.org/jira/projects/CXF/issues On Wed, Feb 7, 2018 at 4:00 AM, Arnaud Yahoo <a_mer...@yahoo.fr.invalid> wrote: Hello, Osgi application using cxf cannot be deployed on tomcat 9 because the osgi manifest excludes servlet 4.0. Are there any reasons for that? Are

Support tomcat 9 with osgi

2018-02-07 Thread Arnaud Yahoo
Hello, Osgi application using cxf cannot be deployed on tomcat 9 because the osgi manifest excludes servlet 4.0. Are there any reasons for that? Are there any plans to support the Servlet 4.0 api? Regards, Arnaud