Hi Jan,

Thank you for your reply.

In simpleWebapp the fediz_config.xml is linked from the context.xml so does there need to be a separate fediz_config.xml for each webapp?
<Context>
        <Valve className="org.apache.cxf.fediz.tomcat8.FederationAuthenticator" configFile="conf/fediz_config.xml" />
</Context>

I was hoping to have one IDP defined on the web at somedomain.tld:9443/idp and then use it for development and production. I develop on localhost, test.otherdomain.tld and otherdomain.tld.

But in entities-realm-myRealm.xml there is
<bean id="srv-fedizhelloworld" class="org.apache.cxf.fediz.service.idp.service.jpa.ApplicationEntity">
        <property name="realm" value="urn:org:apache:cxf:fediz:fedizhelloworld" />
        <property name="protocol" value="http://docs.oasis-open.org/wsfed/federation/200706" />
        <property name="serviceDisplayName" value="Fedizhelloworld" />
        <property name="serviceDescription" value="Web Application to illustrate WS-Federation" />
        <property name="role" value="ApplicationServiceType" />
        <property name="tokenType" value="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0" />
        <property name="lifeTime" value="3600" />
        <property name="passiveRequestorEndpointConstraint" value="https://localhost:?(\d)*/.*" />
        <property name="logoutEndpointConstraint" value="https://localhost:?(\d)*/.*" />
</bean>
Does this mean I have to define each webapp as an ApplicationEntry in the IDP in order for it to work?  And the constraints have to be set to the domain I am using?

I have lots of small questions. Would it be possible to talk on IRC?

Regards,
Matthew
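
Added example, not part of the original message and not Fediz code: a check of which reply (wreply) URLs the passiveRequestorEndpointConstraint quoted above accepts, beside a hypothetical constraint for the three hosts named in the message and a loosely written one for contrast. It assumes the IdP requires the whole URL to match the regex (as Java's Matcher.matches() does); the sample URLs and the two alternative constraints are constructed.

```python
import re

# Constraint copied from the entities-realm-myRealm.xml bean quoted above.
PAGE_CONSTRAINT = r"https://localhost:?(\d)*/.*"

# Hypothetical constraint for the three hosts named in the message.
# Dots are escaped and the host list is a closed alternation, so a
# look-alike host cannot satisfy it.
MULTI_HOST_CONSTRAINT = (
    r"https://(localhost|test\.otherdomain\.tld|otherdomain\.tld)(:\d+)?/.*"
)

# Hypothetical loose constraint: unescaped dots and a leading/trailing ".*"
# accept any URL that merely contains the host name somewhere.
LOOSE_CONSTRAINT = r"https://.*otherdomain.tld.*"

# Constructed sample reply URLs.
SAMPLE_URLS = [
    "https://localhost:8443/fedizhelloworld/secure/fedservlet",
    "https://test.otherdomain.tld/fedizhelloworld/secure/fedservlet",
    "https://otherdomain.tld:8443/fedizhelloworld/secure/fedservlet",
    "https://otherdomain.tld.example.net/fedizhelloworld/",  # look-alike host
    "http://localhost:8443/fedizhelloworld/",                # not https
]


def reply_allowed(constraint: str, wreply: str) -> bool:
    """Return True only if the entire reply URL matches the constraint.

    Assumption: full-match semantics, mirrored here with re.fullmatch.
    """
    return re.fullmatch(constraint, wreply) is not None


def audit(constraint: str, urls=SAMPLE_URLS) -> dict:
    """Map each candidate reply URL to whether the constraint accepts it."""
    return {url: reply_allowed(constraint, url) for url in urls}


if __name__ == "__main__":
    for label, constraint in (
        ("page", PAGE_CONSTRAINT),
        ("multi-host", MULTI_HOST_CONSTRAINT),
        ("loose", LOOSE_CONSTRAINT),
    ):
        print(f"{label}: {constraint}")
        for url, ok in audit(constraint).items():
            print(f"  {'ALLOW' if ok else 'DENY '} {url}")
```
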

On 18/10/2017 12:00, Jan Bernhardt wrote:
Hi Matthew,


Fediz Config is independent of your hostname. You don't need to define your 
hostname in your fediz config.


The only exception is when you use a reverse proxy for your application. Fediz 
Plugin will always use the same hostname for the wreply URL that was used 
within the request. In case of a reverse proxy the fediz plugin would only see 
the internal hostname, but an external user could not follow this redirect to 
an internal hostname. For this case you can set a wreply URL within the fediz 
plugin configuration.


Hope that helps.


Jan

________________________________
From: Matthew Broadhead <[email protected]>
Sent: Wednesday, 18 October 2017 10:18:06
To: [email protected]
Subject: fediz_config.xml hosts

Hi,
The example fediz_config.xml file has the format
<FedizConfig>
      <ContextConfig name="/fedizhelloworld">
...
which seems to describe a webapp deployed at Host localhost.

How would it be configured if the webapp is deployed at a different host
in Tomcat server.xml? e.g.
<Host name="domain.tld" ...>

I tried searching for the source.  I found
https://github.com/apache/cxf-fediz/blob/master/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/FedizContext.java
but couldn't find ContextConfig

Thanks
Matthew


