[2/3] cxf-fediz git commit: Moving systest webapps into a separate directory

[co...@apache.org]

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/31101469/systests/springPreauthWebapp/pom.xml
----------------------------------------------------------------------
diff --git a/systests/springPreauthWebapp/pom.xml b/systests/springPreauthWebapp/pom.xml
deleted file mode 100644
index 255fd0f..0000000
--- a/systests/springPreauthWebapp/pom.xml
+++ /dev/null
@@ -1,125 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
-  Licensed to the Apache Software Foundation (ASF) under one
-  or more contributor license agreements. See the NOTICE file
-  distributed with this work for additional information
-  regarding copyright ownership. The ASF licenses this file
-  to you under the Apache License, Version 2.0 (the
-  "License"); you may not use this file except in compliance
-  with the License. You may obtain a copy of the License at
- 
-  http://www.apache.org/licenses/LICENSE-2.0
- 
-  Unless required by applicable law or agreed to in writing,
-  software distributed under the License is distributed on an
-  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-  KIND, either express or implied. See the License for the
-  specific language governing permissions and limitations
-  under the License.
--->
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
-
-    <modelVersion>4.0.0</modelVersion>
-    <parent>
-        <groupId>org.apache.cxf.fediz</groupId>
-        <artifactId>fediz-systests</artifactId>
-        <version>1.2.0-SNAPSHOT</version>
-        <relativePath>../pom.xml</relativePath>
-    </parent>
-    <groupId>org.apache.cxf.fediz.systests</groupId>
-    <artifactId>fediz-systests-springPreauthWebapp</artifactId>
-    <name>Apache Fediz Systests SpringWebapp (Pre-Authentication)</name>
-    <packaging>war</packaging>
-
-    <properties>
-        <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
-    </properties>
-
-    <dependencies>
-        <dependency>
-            <groupId>commons-logging</groupId>
-            <artifactId>commons-logging</artifactId>
-            <version>${commons.logging.version}</version>
-            <scope>provided</scope>
-        </dependency>
-        <dependency>
-            <groupId>javax.servlet</groupId>
-            <artifactId>servlet-api</artifactId>
-            <version>${servlet.version}</version>
-            <scope>provided</scope>
-        </dependency>
-        <!-- Required to cast Principal to FederationPrincipal -->
-        <dependency>
-            <groupId>org.apache.cxf.fediz</groupId>
-            <artifactId>fediz-core</artifactId>
-            <version>${project.version}</version>
-            <scope>provided</scope>
-        </dependency>
-        <dependency>
-            <groupId>org.apache.cxf.fediz</groupId>
-            <artifactId>fediz-spring</artifactId>
-            <version>${project.version}</version>
-        </dependency>
-        <dependency>
-            <groupId>org.apache.commons</groupId>
-            <artifactId>commons-lang3</artifactId>
-            <version>${commons.lang.version}</version>
-        </dependency>
-        <dependency>
-            <groupId>org.springframework.security</groupId>
-            <artifactId>spring-security-web</artifactId>
-            <version>${spring.security.version}</version>
-        </dependency>
-        <dependency>
-            <groupId>org.springframework.security</groupId>
-            <artifactId>spring-security-config</artifactId>
-            <version>${spring.security.version}</version>
-        </dependency>
-        <dependency>
-            <groupId>org.slf4j</groupId>
-            <artifactId>slf4j-log4j12</artifactId>
-            <version>${slf4j.version}</version>
-        </dependency>
-        <dependency>
-            <groupId>log4j</groupId>
-            <artifactId>log4j</artifactId>
-            <version>${log4j.version}</version>
-            <exclusions>
-                <exclusion>
-                    <groupId>javax.mail</groupId>
-                    <artifactId>mail</artifactId>
-                </exclusion>
-                <exclusion>
-                    <groupId>javax.jms</groupId>
-                    <artifactId>jms</artifactId>
-                </exclusion>
-                <exclusion>
-                    <groupId>com.sun.jdmk</groupId>
-                    <artifactId>jmxtools</artifactId>
-                </exclusion>
-                <exclusion>
-                    <groupId>com.sun.jmx</groupId>
-                    <artifactId>jmxri</artifactId>
-                </exclusion>
-            </exclusions>
-        </dependency>
-    </dependencies>
-
-    <build>
-        <plugins>
-            <plugin><!--for mvn tomcat:deploy/:undeploy/:redeploy -->
-                <groupId>org.codehaus.mojo</groupId>
-                <artifactId>tomcat-maven-plugin</artifactId>
-                <version>1.1</version>
-                <configuration>
-                    <server>myTomcat</server>
-                    <url>http://localhost:8080/manager/text</url>
-                    <path>/${project.build.finalName}</path>
-                </configuration>
-            </plugin>
-        </plugins>
-        <!-- Name of the generated WAR file -->
-        <finalName>fedizhelloworld</finalName>
-    </build>
-
-</project>

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/31101469/systests/springPreauthWebapp/src/main/java/org/apache/cxf/fediz/example/FederationServlet.java
----------------------------------------------------------------------
diff --git a/systests/springPreauthWebapp/src/main/java/org/apache/cxf/fediz/example/FederationServlet.java b/systests/springPreauthWebapp/src/main/java/org/apache/cxf/fediz/example/FederationServlet.java
deleted file mode 100644
index d23281c..0000000
--- a/systests/springPreauthWebapp/src/main/java/org/apache/cxf/fediz/example/FederationServlet.java
+++ /dev/null
@@ -1,108 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package org.apache.cxf.fediz.example;
-
-import java.io.IOException;
-import java.io.PrintWriter;
-import java.security.Principal;
-import java.util.Arrays;
-import java.util.List;
-
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServlet;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import org.w3c.dom.Element;
-
-import org.apache.cxf.fediz.core.Claim;
-import org.apache.cxf.fediz.core.ClaimCollection;
-import org.apache.cxf.fediz.core.FedizPrincipal;
-import org.apache.cxf.fediz.core.SecurityTokenThreadLocal;
-
-import org.springframework.security.core.Authentication;
-import org.springframework.security.core.context.SecurityContextHolder;
-import org.springframework.util.Assert;
-
-public class FederationServlet extends HttpServlet {
-
-    /**
-     * 
-     */
-    private static final long serialVersionUID = -9019993850246851112L;
-
-    public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException,
-        IOException {
-
-        response.setContentType("text/html");
-        PrintWriter out = response.getWriter();
-
-        out.println("<html>");
-        out.println("<head><title>WS Federation Systests Spring Examples</title></head>");
-        out.println("<body>");
-        out.println("<p>Request url: " + request.getRequestURL().toString() + "</p>");
-
-        out.print("<p>userPrincipal=");
-        Principal p = request.getUserPrincipal();
-        if (p != null) {
-            out.print(p.getName());
-        }
-        out.println("</p>");
-
-        List<String> roleListToCheck = Arrays.asList("Admin", "Manager", "User", "Authenticated");
-        for (String item : roleListToCheck) {
-            out.println("<p>role:" + item + "=" + ((request.isUserInRole(item)) ? "true" : "false") + "</p>");
-        }
-
-        if (p instanceof FedizPrincipal) {
-            FedizPrincipal fp = (FedizPrincipal)p;
-
-            ClaimCollection claims = fp.getClaims();
-            for (Claim c : claims) {
-                out.println("<p>" + c.getClaimType().toString() + "=" + c.getValue() + "</p>");
-            }
-            
-            Element el = fp.getLoginToken();
-            if (el != null) {
-                out.println("loginToken=FOUND{FedizPrincipal}<p>");
-            }
-            
-            el = SecurityTokenThreadLocal.getToken();
-            if (el != null) {
-                out.println("loginToken=FOUND{SecurityTokenThreadLocal}<p>");
-            }
-        }
-        
-        out.println("</body>");
-        
-        // Access Spring security context
-        Assert.notNull(SecurityContextHolder.getContext().getAuthentication(),
-                       "SecurityContextHolder Authentication not null");
-        
-        Authentication obj = SecurityContextHolder.getContext().getAuthentication();
-        System.out.println("getCredentials: " + obj.getCredentials().toString());
-        System.out.println("getDetails: " + obj.getDetails().toString());
-        System.out.println("getName: " + obj.getName().toString());
-        System.out.println("getAuthorities: " + obj.getAuthorities().toString());
-        System.out.println("getPrincipal: " + obj.getPrincipal().toString());
-        
-    }
-
-}

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/31101469/systests/springPreauthWebapp/src/main/resources/log4j.properties
----------------------------------------------------------------------
diff --git a/systests/springPreauthWebapp/src/main/resources/log4j.properties b/systests/springPreauthWebapp/src/main/resources/log4j.properties
deleted file mode 100644
index e2cc4b0..0000000
--- a/systests/springPreauthWebapp/src/main/resources/log4j.properties
+++ /dev/null
@@ -1,20 +0,0 @@
-# Set root category priority to INFO and its only appender to CONSOLE.
-#log4j.rootLogger=INFO, CONSOLE
-log4j.rootLogger=DEBUG, CONSOLE
-#log4j.logger.org.springframework=INFO, CONSOLE
-#log4j.logger.org.springframework.security=DEBUG, CONSOLE,LOGFILE
-#log4j.logger.org.apache.cxf.fediz=DEBUG, CONSOLE,LOGFILE
-
-# CONSOLE is set to be a ConsoleAppender using a PatternLayout.
-log4j.appender.CONSOLE=org.apache.log4j.ConsoleAppender
-log4j.appender.CONSOLE.Threshold=DEBUG
-log4j.appender.CONSOLE.layout=org.apache.log4j.PatternLayout
-log4j.appender.CONSOLE.layout.ConversionPattern=%d [%t] %-5p %c %x - %m%n
-
-# LOGFILE is set to be a File appender using a PatternLayout.
-log4j.appender.LOGFILE=org.apache.log4j.FileAppender
-log4j.appender.LOGFILE.File=fedizhelloworld.log
-log4j.appender.LOGFILE.Append=false
-log4j.appender.LOGFILE.Threshold=DEBUG
-log4j.appender.LOGFILE.layout=org.apache.log4j.PatternLayout
-log4j.appender.LOGFILE.layout.ConversionPattern=%d [%t] %-5p %c %x - %m%n

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/31101469/systests/springPreauthWebapp/src/main/webapp/META-INF/context.xml
----------------------------------------------------------------------
diff --git a/systests/springPreauthWebapp/src/main/webapp/META-INF/context.xml b/systests/springPreauthWebapp/src/main/webapp/META-INF/context.xml
deleted file mode 100644
index 7fc734a..0000000
--- a/systests/springPreauthWebapp/src/main/webapp/META-INF/context.xml
+++ /dev/null
@@ -1,3 +0,0 @@
-<Context>
-        <Valve className="org.apache.cxf.fediz.tomcat.FederationAuthenticator" configFile="conf/fediz_config.xml" />        
-</Context>

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/31101469/systests/springPreauthWebapp/src/main/webapp/WEB-INF/applicationContext-security.xml
----------------------------------------------------------------------
diff --git a/systests/springPreauthWebapp/src/main/webapp/WEB-INF/applicationContext-security.xml b/systests/springPreauthWebapp/src/main/webapp/WEB-INF/applicationContext-security.xml
deleted file mode 100644
index 2b05358..0000000
--- a/systests/springPreauthWebapp/src/main/webapp/WEB-INF/applicationContext-security.xml
+++ /dev/null
@@ -1,98 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-
-<!--
-  - Sample namespace-based configuration
-  -
-  -->
-
-<beans xmlns="http://www.springframework.org/schema/beans"
-    xmlns:sec="http://www.springframework.org/schema/security"
-    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-    xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
-                        http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security.xsd">
-
-    <bean id="filterChainProxy" class="org.springframework.security.web.FilterChainProxy">
-        <sec:filter-chain-map path-type="ant">
-            <sec:filter-chain pattern="/**" filters="sif,j2eePreAuthFilter,logoutFilter,etf,fsi"/>
-        </sec:filter-chain-map>
-    </bean>
-
-    <bean id="sif" class="org.springframework.security.web.context.SecurityContextPersistenceFilter"/>
-
-    <sec:authentication-manager alias="authenticationManager">
-        <sec:authentication-provider ref='preAuthenticatedAuthenticationProvider'/>
-    </sec:authentication-manager>
-
-    <bean id="preAuthenticatedAuthenticationProvider" class="org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationProvider">
-        <property name="preAuthenticatedUserDetailsService" ref="preAuthenticatedUserDetailsService"/>
-    </bean>
-
-	<!-- 
-    <bean id="preAuthenticatedUserDetailsService"
-            class="org.springframework.security.web.authentication.preauth.PreAuthenticatedGrantedAuthoritiesUserDetailsService"/>
-    -->
-    <bean id="preAuthenticatedUserDetailsService"
-            class="org.apache.cxf.fediz.spring.preauth.PreAuthenticatedGrantedAuthoritiesUserDetailsFederationService"/>    
-    
-    <!--<bean id="j2eePreAuthFilter" class="org.springframework.security.web.authentication.preauth.j2ee.J2eePreAuthenticatedProcessingFilter">-->
-    <bean id="j2eePreAuthFilter" class="org.apache.cxf.fediz.spring.preauth.FederationPreAuthenticatedProcessingFilter">
-        <property name="authenticationManager" ref="authenticationManager"/>
-        <property name="authenticationDetailsSource">
-            <bean class="org.springframework.security.web.authentication.preauth.j2ee.J2eeBasedPreAuthenticatedWebAuthenticationDetailsSource">
-                <property name="mappableRolesRetriever">
-                    <bean class="org.springframework.security.web.authentication.preauth.j2ee.WebXmlMappableAttributesRetriever" />
-                </property>
-                <property name="userRoles2GrantedAuthoritiesMapper">
-                    <bean class="org.springframework.security.core.authority.mapping.SimpleAttributes2GrantedAuthoritiesMapper">
-                        <property name="convertAttributeToUpperCase" value="true"/>
-                    </bean>
-                </property>
-            </bean>
-        </property>
-    </bean>
-
-    <bean id="preAuthenticatedProcessingFilterEntryPoint"
-            class="org.springframework.security.web.authentication.Http403ForbiddenEntryPoint"/>
-
-    <bean id="logoutFilter" class="org.springframework.security.web.authentication.logout.LogoutFilter">
-        <constructor-arg value="/"/>
-        <constructor-arg>
-            <list>
-                <bean class="org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler"/>
-            </list>
-        </constructor-arg>
-    </bean>
-
-    <bean id="servletContext" class="org.springframework.web.context.support.ServletContextFactoryBean"/>
-
-    <bean id="etf" class="org.springframework.security.web.access.ExceptionTranslationFilter">
-        <property name="authenticationEntryPoint" ref="preAuthenticatedProcessingFilterEntryPoint"/>
-    </bean>
-
-    <bean id="httpRequestAccessDecisionManager" class="org.springframework.security.access.vote.AffirmativeBased">
-        <property name="allowIfAllAbstainDecisions" value="false"/>
-        <property name="decisionVoters">
-            <list>
-                <ref bean="roleVoter"/>
-            </list>
-        </property>
-    </bean>
-
-    <bean id="fsi" class="org.springframework.security.web.access.intercept.FilterSecurityInterceptor">
-        <property name="authenticationManager" ref="authenticationManager"/>
-        <property name="accessDecisionManager" ref="httpRequestAccessDecisionManager"/>
-        <property name="securityMetadataSource">
-            <sec:filter-invocation-definition-source>
-                <sec:intercept-url pattern="/secure/manager/**" access="ROLE_MANAGER"/>
-                <sec:intercept-url pattern="/secure/admin/**" access="ROLE_ADMIN"/>
-                <sec:intercept-url pattern="/secure/user/**" access="ROLE_USER,ROLE_ADMIN,ROLE_MANAGER"/>
-                <sec:intercept-url pattern="/secure/fedservlet" access="ROLE_USER,ROLE_ADMIN,ROLE_MANAGER,ROLE_AUTHENTICATED"/>
-            </sec:filter-invocation-definition-source>
-        </property>
-    </bean>
-
-    <bean id="roleVoter" class="org.springframework.security.access.vote.RoleVoter"/>
-
-    <bean id="securityContextHolderAwareRequestFilter" class="org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter"/>
-
-</beans>

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/31101469/systests/springPreauthWebapp/src/main/webapp/WEB-INF/web.xml
----------------------------------------------------------------------
diff --git a/systests/springPreauthWebapp/src/main/webapp/WEB-INF/web.xml b/systests/springPreauthWebapp/src/main/webapp/WEB-INF/web.xml
deleted file mode 100644
index 0149aac..0000000
--- a/systests/springPreauthWebapp/src/main/webapp/WEB-INF/web.xml
+++ /dev/null
@@ -1,107 +0,0 @@
-<web-app xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-	xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
-                      http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
-	version="3.0" metadata-complete="true">
-
-	<description>
-    WS Federation Spring Example
-    </description>
-	<display-name>WS Federation Spring Example</display-name>
-	
-
-
-    <!--
-      - Location of the XML file that defines the root application context
-      - Applied by ContextLoaderListener.
-      -->
-    <context-param>
-        <param-name>contextConfigLocation</param-name>
-        <param-value>
-            /WEB-INF/applicationContext-security.xml
-        </param-value>
-    </context-param>
-
-    <filter>
-        <filter-name>filterChainProxy</filter-name>
-        <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
-    </filter>
-    
-    <!-- Optional: Cache the security token in Thread Local Storage -->
-	<filter>
-		<filter-name>FederationFilter</filter-name>
-		<filter-class>org.apache.cxf.fediz.core.servlet.FederationFilter</filter-class>
-	</filter>
-
-    <filter-mapping>
-      <filter-name>filterChainProxy</filter-name>
-      <url-pattern>/*</url-pattern>
-    </filter-mapping>
-    
-    <filter-mapping>
-		<filter-name>FederationFilter</filter-name>
-		<url-pattern>/secure/*</url-pattern>
-	</filter-mapping>
-
-    <!--
-      - Loads the root application context of this web app at startup.
-      - The application context is then available via
-      - WebApplicationContextUtils.getWebApplicationContext(servletContext).
-    -->
-    <listener>
-        <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
-    </listener>
-     
-	<servlet>
-		<servlet-name>FederationServlet</servlet-name>
-		<servlet-class>org.apache.cxf.fediz.example.FederationServlet</servlet-class>
-	</servlet>
-
-	<servlet-mapping>
-		<servlet-name>FederationServlet</servlet-name>
-		<url-pattern>/secure/fedservlet</url-pattern>
-	</servlet-mapping>
-
-	<servlet-mapping>
-		<servlet-name>FederationServlet</servlet-name>
-		<url-pattern>/secure/admin/fedservlet</url-pattern>
-	</servlet-mapping>
-	
-	<servlet-mapping>
-		<servlet-name>FederationServlet</servlet-name>
-		<url-pattern>/secure/user/fedservlet</url-pattern>
-	</servlet-mapping>
-	
-	<servlet-mapping>
-		<servlet-name>FederationServlet</servlet-name>
-		<url-pattern>/secure/manager/fedservlet</url-pattern>
-	</servlet-mapping>
- 
-	<security-role>
-		<role-name>Manager</role-name>
-	</security-role>
-	<security-role>
-		<role-name>User</role-name>
-	</security-role>
-	<security-role>
-		<role-name>Admin</role-name>
-	</security-role>
-	<security-role>
-		<role-name>Authenticated</role-name>
-	</security-role>				
-
-	<security-constraint>
-		<web-resource-collection>
-			<web-resource-name>Protected Area</web-resource-name>
-			<url-pattern>/secure/*</url-pattern>
-		</web-resource-collection>
-		<auth-constraint>
-			<role-name>*</role-name>
-		</auth-constraint>
-	</security-constraint>
- 
-	<login-config>
-		<auth-method>WSFED</auth-method>
-		<realm-name>WSFED</realm-name>
-	</login-config>
-
-</web-app>

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/31101469/systests/springPreauthWebapp/src/main/webapp/index.html
----------------------------------------------------------------------
diff --git a/systests/springPreauthWebapp/src/main/webapp/index.html b/systests/springPreauthWebapp/src/main/webapp/index.html
deleted file mode 100644
index a9dbdaa..0000000
--- a/systests/springPreauthWebapp/src/main/webapp/index.html
+++ /dev/null
@@ -1,25 +0,0 @@
-<!--
-  Licensed to the Apache Software Foundation (ASF) under one or more
-  contributor license agreements.  See the NOTICE file distributed with
-  this work for additional information regarding copyright ownership.
-  The ASF licenses this file to You under the Apache License, Version 2.0
-  (the "License"); you may not use this file except in compliance with
-  the License.  You may obtain a copy of the License at
-
-      http://www.apache.org/licenses/LICENSE-2.0
-
-  Unless required by applicable law or agreed to in writing, software
-  distributed under the License is distributed on an "AS IS" BASIS,
-  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-  See the License for the specific language governing permissions and
-  limitations under the License.
--->
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
-<HTML><HEAD><TITLE>WS Federation Tomcat Examples</TITLE>
-<META http-equiv=Content-Type content="text/html">
-</HEAD>
-<BODY>
-<P>
-<H3>Hello World</H3>
-<P></P>
-</BODY></HTML>

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/31101469/systests/springPreauthWebapp/src/main/webapp/secure/test.html
----------------------------------------------------------------------
diff --git a/systests/springPreauthWebapp/src/main/webapp/secure/test.html b/systests/springPreauthWebapp/src/main/webapp/secure/test.html
deleted file mode 100644
index 9cf7366..0000000
--- a/systests/springPreauthWebapp/src/main/webapp/secure/test.html
+++ /dev/null
@@ -1,25 +0,0 @@
-<!--
-  Licensed to the Apache Software Foundation (ASF) under one or more
-  contributor license agreements.  See the NOTICE file distributed with
-  this work for additional information regarding copyright ownership.
-  The ASF licenses this file to You under the Apache License, Version 2.0
-  (the "License"); you may not use this file except in compliance with
-  the License.  You may obtain a copy of the License at
-
-      http://www.apache.org/licenses/LICENSE-2.0
-
-  Unless required by applicable law or agreed to in writing, software
-  distributed under the License is distributed on an "AS IS" BASIS,
-  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-  See the License for the specific language governing permissions and
-  limitations under the License.
--->
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
-<HTML><HEAD><TITLE>WS Federation Tomcat Examples</TITLE>
-<META http-equiv=Content-Type content="text/html">
-</HEAD>
-<BODY>
-<P>
-<H3>Secure Test</H3>
-<P></P>
-</BODY></HTML>

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/31101469/systests/springWebapp/pom.xml
----------------------------------------------------------------------
diff --git a/systests/springWebapp/pom.xml b/systests/springWebapp/pom.xml
deleted file mode 100644
index e668013..0000000
--- a/systests/springWebapp/pom.xml
+++ /dev/null
@@ -1,101 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
-  Licensed to the Apache Software Foundation (ASF) under one
-  or more contributor license agreements. See the NOTICE file
-  distributed with this work for additional information
-  regarding copyright ownership. The ASF licenses this file
-  to you under the Apache License, Version 2.0 (the
-  "License"); you may not use this file except in compliance
-  with the License. You may obtain a copy of the License at
- 
-  http://www.apache.org/licenses/LICENSE-2.0
- 
-  Unless required by applicable law or agreed to in writing,
-  software distributed under the License is distributed on an
-  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-  KIND, either express or implied. See the License for the
-  specific language governing permissions and limitations
-  under the License.
--->
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
-    <modelVersion>4.0.0</modelVersion>
-    <parent>
-        <groupId>org.apache.cxf.fediz</groupId>
-        <artifactId>fediz-systests</artifactId>
-        <version>1.2.0-SNAPSHOT</version>
-        <relativePath>../pom.xml</relativePath>
-    </parent>
-    <groupId>org.apache.cxf.fediz.systests</groupId>
-    <artifactId>fediz-systests-springWebapp</artifactId>
-    <name>Apache Fediz Systests SpringWebapp</name>
-    <packaging>war</packaging>
-
-    <properties>
-        <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
-    </properties>
-
-    <dependencies>
-        <dependency>
-            <groupId>javax.servlet</groupId>
-            <artifactId>servlet-api</artifactId>
-            <version>${servlet.version}</version>
-            <scope>provided</scope>
-        </dependency>
-        <dependency>
-            <groupId>org.slf4j</groupId>
-            <artifactId>slf4j-log4j12</artifactId>
-            <version>${slf4j.version}</version>
-        </dependency>
-        <dependency>
-            <groupId>org.apache.cxf.fediz</groupId>
-            <artifactId>fediz-spring</artifactId>
-            <version>${project.version}</version>
-        </dependency>
-        <dependency>
-            <groupId>org.apache.commons</groupId>
-            <artifactId>commons-lang3</artifactId>
-            <version>${commons.lang.version}</version>
-        </dependency>
-        <dependency>
-            <groupId>log4j</groupId>
-            <artifactId>log4j</artifactId>
-            <version>${log4j.version}</version>
-            <exclusions>
-                <exclusion>
-                    <groupId>javax.mail</groupId>
-                    <artifactId>mail</artifactId>
-                </exclusion>
-                <exclusion>
-                    <groupId>javax.jms</groupId>
-                    <artifactId>jms</artifactId>
-                </exclusion>
-                <exclusion>
-                    <groupId>com.sun.jdmk</groupId>
-                    <artifactId>jmxtools</artifactId>
-                </exclusion>
-                <exclusion>
-                    <groupId>com.sun.jmx</groupId>
-                    <artifactId>jmxri</artifactId>
-                </exclusion>
-            </exclusions>
-        </dependency>
-    </dependencies>
-
-    <build>
-        <plugins>
-            <plugin><!--for mvn tomcat:deploy/:undeploy/:redeploy -->
-                <groupId>org.codehaus.mojo</groupId>
-                <artifactId>tomcat-maven-plugin</artifactId>
-                <version>1.1</version>
-                <configuration>
-                    <server>myTomcat</server>
-                    <url>http://localhost:8080/manager/text</url>
-                    <path>/${project.build.finalName}</path>
-                </configuration>
-            </plugin>
-        </plugins>
-        <!-- Name of the generated WAR file -->
-        <finalName>fedizhelloworld</finalName>
-    </build>
-
-</project>

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/31101469/systests/springWebapp/src/main/java/org/apache/cxf/fediz/example/FederationServlet.java
----------------------------------------------------------------------
diff --git a/systests/springWebapp/src/main/java/org/apache/cxf/fediz/example/FederationServlet.java b/systests/springWebapp/src/main/java/org/apache/cxf/fediz/example/FederationServlet.java
deleted file mode 100644
index df0ce26..0000000
--- a/systests/springWebapp/src/main/java/org/apache/cxf/fediz/example/FederationServlet.java
+++ /dev/null
@@ -1,108 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package org.apache.cxf.fediz.example;
-
-import java.io.IOException;
-import java.io.PrintWriter;
-import java.security.Principal;
-import java.util.Arrays;
-import java.util.List;
-
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServlet;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import org.w3c.dom.Element;
-
-import org.apache.cxf.fediz.core.Claim;
-import org.apache.cxf.fediz.core.ClaimCollection;
-import org.apache.cxf.fediz.core.SecurityTokenThreadLocal;
-import org.apache.cxf.fediz.spring.authentication.FederationAuthenticationToken;
-
-import org.springframework.security.core.Authentication;
-import org.springframework.security.core.GrantedAuthority;
-import org.springframework.security.core.context.SecurityContextHolder;
-
-public class FederationServlet extends HttpServlet {
-
-    /**
-     * 
-     */
-    private static final long serialVersionUID = -9019993850246851112L;
-
-    public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException,
-        IOException {
-
-        response.setContentType("text/html");
-        PrintWriter out = response.getWriter();
-
-        out.println("<html>");
-        out.println("<head><title>WS Federation Systests Examples</title></head>");
-        out.println("<body>");
-        out.println("<p>Request url: " + request.getRequestURL().toString() + "</p>");
-
-        out.print("<p>userPrincipal=");
-        Principal p = request.getUserPrincipal();
-        if (p != null) {
-            out.print(p.getName());
-        }
-        out.println("</p>");
-
-        // Access Spring security context
-        Authentication auth = SecurityContextHolder.getContext().getAuthentication();
-        
-        if (auth instanceof FederationAuthenticationToken) {
-            FederationAuthenticationToken fedToken = (FederationAuthenticationToken)auth;
-            List<String> roleListToCheck = Arrays.asList("Admin", "Manager", "User", "Authenticated");
-            
-            for (String item : roleListToCheck) {
-                boolean found = false;
-                for (GrantedAuthority ga : fedToken.getAuthorities()) {
-                    if (ga.getAuthority().toLowerCase().indexOf(item.toLowerCase()) > -1) {
-                        found = true;
-                        break;
-                    }
-                }
-                out.println("<p>role:" + item + "=" + (found ? "true" : "false") + "</p>");
-            }
-            
-            ClaimCollection claims = fedToken.getClaims();
-            for (Claim c : claims) {
-                out.println("<p>" + c.getClaimType().toString() + "=" + c.getValue() + "</p>");
-            }
-            
-            Element el = fedToken.getLoginToken();
-            if (el != null) {
-                out.println("loginToken=FOUND{FedizPrincipal}<p>");
-            }
-            
-            el = SecurityTokenThreadLocal.getToken();
-            if (el != null) {
-                out.println("loginToken=FOUND{SecurityTokenThreadLocal}<p>");
-            }
-            
-        }
-                
-        out.println("</body>");
-        
-    }
-
-}

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/31101469/systests/springWebapp/src/main/resources/log4j.properties
----------------------------------------------------------------------
diff --git a/systests/springWebapp/src/main/resources/log4j.properties b/systests/springWebapp/src/main/resources/log4j.properties
deleted file mode 100644
index 32d28b6..0000000
--- a/systests/springWebapp/src/main/resources/log4j.properties
+++ /dev/null
@@ -1,16 +0,0 @@
-# Set root category priority to INFO and its only appender to CONSOLE.
-log4j.rootLogger=INFO, CONSOLE
-log4j.logger.org.springframework=INFO, CONSOLE
-log4j.additivity.org.springframework=false
-log4j.logger.org.springframework.security=DEBUG, CONSOLE
-log4j.additivity.org.springframework.security=false
-log4j.logger.org.apache.cxf.fediz=DEBUG, CONSOLE
-log4j.additivity.org.apache.cxf.fediz=false
-
-# CONSOLE is set to be a ConsoleAppender using a PatternLayout.
-log4j.appender.CONSOLE=org.apache.log4j.ConsoleAppender
-log4j.appender.CONSOLE.Threshold=INFO
-log4j.appender.CONSOLE.layout=org.apache.log4j.PatternLayout
-log4j.appender.CONSOLE.layout.ConversionPattern=%d [%t] %-5p %c %x - %m%n
-
-

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/31101469/systests/springWebapp/src/main/resources/logging.properties
----------------------------------------------------------------------
diff --git a/systests/springWebapp/src/main/resources/logging.properties b/systests/springWebapp/src/main/resources/logging.properties
deleted file mode 100644
index f5849dc..0000000
--- a/systests/springWebapp/src/main/resources/logging.properties
+++ /dev/null
@@ -1,53 +0,0 @@
-############################################################
-#  	Default Logging Configuration File
-#
-# You can use a different file by specifying a filename
-# with the java.util.logging.config.file system property.  
-# For example java -Djava.util.logging.config.file=myfile
-############################################################
-
-############################################################
-#  	Global properties
-############################################################
-
-# "handlers" specifies a comma separated list of log Handler 
-# classes.  These handlers will be installed during VM startup.
-# Note that these classes must be on the system classpath.
-# By default we only configure a ConsoleHandler, which will only
-# show messages at the WARNING and above levels.
-handlers= java.util.logging.ConsoleHandler
-#handlers= java.util.logging.FileHandler, java.util.logging.ConsoleHandler
-
-# Default global logging level.
-# This specifies which kinds of events are logged across
-# all loggers.  For any given facility this global level
-# can be overridden by a facility specific level
-# Note that the ConsoleHandler also has a separate level
-# setting to limit messages printed to the console.
-.level= FINEST
-
-############################################################
-# Handler specific properties.
-# Describes specific configuration info for Handlers.
-############################################################
-
-# default file output is in user's home directory.
-java.util.logging.FileHandler.pattern = %h/java%u.log
-java.util.logging.FileHandler.limit = 50000
-java.util.logging.FileHandler.count = 1
-java.util.logging.FileHandler.formatter = java.util.logging.XMLFormatter
-
-# Limit the message that are printed on the console to WARNING and above.
-java.util.logging.ConsoleHandler.level = FINEST
-java.util.logging.ConsoleHandler.formatter = java.util.logging.SimpleFormatter
-
-
-############################################################
-# Facility specific properties.
-# Provides extra control for each logger.
-############################################################
-
-# For example, set the com.xyz.foo logger to only log SEVERE
-# messages:
-#com.xyz.foo.level = SEVERE
-#org.apache.cxf.fediz.level = FINEST

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/31101469/systests/springWebapp/src/main/resources/ststrust.jks
----------------------------------------------------------------------
diff --git a/systests/springWebapp/src/main/resources/ststrust.jks b/systests/springWebapp/src/main/resources/ststrust.jks
deleted file mode 100644
index 911945c..0000000
Binary files a/systests/springWebapp/src/main/resources/ststrust.jks and /dev/null differ

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/31101469/systests/springWebapp/src/main/webapp/WEB-INF/applicationContext-security.xml
----------------------------------------------------------------------
diff --git a/systests/springWebapp/src/main/webapp/WEB-INF/applicationContext-security.xml b/systests/springWebapp/src/main/webapp/WEB-INF/applicationContext-security.xml
deleted file mode 100644
index b2c1a08..0000000
--- a/systests/springWebapp/src/main/webapp/WEB-INF/applicationContext-security.xml
+++ /dev/null
@@ -1,94 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-
-<beans xmlns="http://www.springframework.org/schema/beans"
-    xmlns:sec="http://www.springframework.org/schema/security"
-    xmlns:p="http://www.springframework.org/schema/p"
-    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-    xmlns:context="http://www.springframework.org/schema/context"
-    xmlns:util="http://www.springframework.org/schema/util"
-    xsi:schemaLocation="http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd
-http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
-http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util-3.0.xsd
-http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.0.xsd">
-
-    <!-- DIABLE in production as it might log confidential information about the user -->
-    <sec:debug />
-
-    <sec:http entry-point-ref="federationEntryPoint" use-expressions="true">
-        <sec:intercept-url pattern="/" access="permitAll"/>
-        <sec:intercept-url pattern="/fediz" access="permitAll"/>
-        <sec:intercept-url pattern="/index.html" access="permitAll"/>
-        <sec:intercept-url pattern="/FederationMetadata/**" access="isAuthenticated()"/>
-        <sec:intercept-url pattern="/secure/fedservlet" access="isAuthenticated()"/>
-        <sec:intercept-url pattern="/secure/manager/**" access="hasRole('ROLE_MANAGER')"/>
-        <sec:intercept-url pattern="/secure/admin/**" access="hasRole('ROLE_ADMIN')"/>
-        <sec:intercept-url pattern="/secure/user/**" access="hasAnyRole('ROLE_USER','ROLE_ADMIN','ROLE_MANAGER')"/>
-        <sec:custom-filter ref="federationFilter" after="BASIC_AUTH_FILTER" />
-        <sec:custom-filter ref="logoutFilter" position="LOGOUT_FILTER"/>
-        <sec:custom-filter ref="federationSignOutCleanupFilter" position="PRE_AUTH_FILTER"/>
-        <sec:session-management session-authentication-strategy-ref="sas"/>
-    </sec:http>
-
-
-    <sec:authentication-manager alias="authManager">
-        <sec:authentication-provider ref="federationAuthProvider" />
-    </sec:authentication-manager>
-
-    <bean id="fedizConfig" class="org.apache.cxf.fediz.spring.FederationConfigImpl" init-method="init"
-        p:configFile="file:./target/test-classes/fediz_config.xml" />
-
-    <bean id="federationEntryPoint"
-        class="org.apache.cxf.fediz.spring.web.FederationAuthenticationEntryPoint"
-        p:federationConfig-ref="fedizConfig" />
-
-<!-- Works without org.springframework.security.web.authentication.session.SessionFixationProtectionStrategy as well -->
-<!-- 
-    <bean id="federationFilter"
-        class="org.apache.cxf.fediz.spring.web.FederationAuthenticationFilter"
-        p:authenticationManager-ref="authManager" p:sessionAuthenticationStrategy-ref="sas">
-
-        <property name="authenticationFailureHandler">
-            <bean class="org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler" />
-        </property>
-    </bean>
- -->
- 
-    <bean id="federationFilter"
-        class="org.apache.cxf.fediz.spring.web.FederationAuthenticationFilter"
-        p:authenticationManager-ref="authManager">
-
-        <property name="authenticationFailureHandler">
-            <bean class="org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler" />
-        </property>
-    </bean>
-    
-    <bean id="federationAuthProvider" class="org.apache.cxf.fediz.spring.authentication.FederationAuthenticationProvider"
-        p:federationConfig-ref="fedizConfig">
-        <property name="authenticationUserDetailsService">
-            <bean class="org.apache.cxf.fediz.spring.authentication.GrantedAuthoritiesUserDetailsFederationService"/>
-        </property>
-    </bean>
-
-    <bean id="sas" class="org.springframework.security.web.authentication.session.SessionFixationProtectionStrategy" />
-
-    <bean id="logoutFilter" class="org.apache.cxf.fediz.spring.web.FederationLogoutFilter">
-        <constructor-arg  name="logoutSuccessHandler" ref="federationLogoutSuccessHandler"/>
-        <constructor-arg  name="handlers">
-            <list>
-                <ref bean="securityContextLogoutHandler"/>
-            </list>
-        </constructor-arg>
-        <property name="federationConfig" ref="fedizConfig"/>
-    </bean>
-
-    <bean id="federationLogoutSuccessHandler" class="org.apache.cxf.fediz.spring.web.FederationLogoutSuccessHandler">
-        <property name="federationConfig" ref="fedizConfig"/>
-    </bean>
-
-    <bean id="securityContextLogoutHandler" name="securityContextLogoutHandler"
-          class="org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler">
-    </bean>
-
-    <bean id="federationSignOutCleanupFilter" class="org.apache.cxf.fediz.spring.web.FederationSignOutCleanupFilter"/>
-</beans>
-

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/31101469/systests/springWebapp/src/main/webapp/WEB-INF/web.xml
----------------------------------------------------------------------
diff --git a/systests/springWebapp/src/main/webapp/WEB-INF/web.xml b/systests/springWebapp/src/main/webapp/WEB-INF/web.xml
deleted file mode 100644
index c3b6a28..0000000
--- a/systests/springWebapp/src/main/webapp/WEB-INF/web.xml
+++ /dev/null
@@ -1,64 +0,0 @@
-<web-app xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-	xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
-                      http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
-	version="3.0" metadata-complete="true">
-
-	<description>
-    WS Federation Spring Example
-    </description>
-	<display-name>WS Federation Spring Example</display-name>
-	
-
-
-    <!--
-      - Location of the XML file that defines the root application context
-      - Applied by ContextLoaderListener.
-      -->
-    <context-param>
-        <param-name>contextConfigLocation</param-name>
-        <param-value>
-            /WEB-INF/applicationContext-security.xml
-        </param-value>
-    </context-param>
-
-    <filter>
-        <filter-name>springSecurityFilterChain</filter-name>
-        <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
-    </filter>
-    
-    <!-- Optional: Cache the security token in Thread Local Storage -->
-	<filter>
-		<filter-name>FederationFilter</filter-name>
-		<filter-class>org.apache.cxf.fediz.core.servlet.FederationFilter</filter-class>
-	</filter>
-
-    <filter-mapping>
-      <filter-name>springSecurityFilterChain</filter-name>
-      <url-pattern>/*</url-pattern>
-    </filter-mapping>
-    
-    <filter-mapping>
-		<filter-name>FederationFilter</filter-name>
-		<url-pattern>/secure/*</url-pattern>
-	</filter-mapping>
-
-    <!--
-      - Loads the root application context of this web app at startup.
-      - The application context is then available via
-      - WebApplicationContextUtils.getWebApplicationContext(servletContext).
-    -->
-    <listener>
-        <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
-    </listener>
-     
-	<servlet>
-		<servlet-name>FederationServlet</servlet-name>
-		<servlet-class>org.apache.cxf.fediz.example.FederationServlet</servlet-class>
-	</servlet>
-
-	<servlet-mapping>
-		<servlet-name>FederationServlet</servlet-name>
-		<url-pattern>/secure/*</url-pattern>
-	</servlet-mapping>
-
-</web-app>

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/31101469/systests/springWebapp/src/main/webapp/index.html
----------------------------------------------------------------------
diff --git a/systests/springWebapp/src/main/webapp/index.html b/systests/springWebapp/src/main/webapp/index.html
deleted file mode 100644
index a9dbdaa..0000000
--- a/systests/springWebapp/src/main/webapp/index.html
+++ /dev/null
@@ -1,25 +0,0 @@
-<!--
-  Licensed to the Apache Software Foundation (ASF) under one or more
-  contributor license agreements.  See the NOTICE file distributed with
-  this work for additional information regarding copyright ownership.
-  The ASF licenses this file to You under the Apache License, Version 2.0
-  (the "License"); you may not use this file except in compliance with
-  the License.  You may obtain a copy of the License at
-
-      http://www.apache.org/licenses/LICENSE-2.0
-
-  Unless required by applicable law or agreed to in writing, software
-  distributed under the License is distributed on an "AS IS" BASIS,
-  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-  See the License for the specific language governing permissions and
-  limitations under the License.
--->
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
-<HTML><HEAD><TITLE>WS Federation Tomcat Examples</TITLE>
-<META http-equiv=Content-Type content="text/html">
-</HEAD>
-<BODY>
-<P>
-<H3>Hello World</H3>
-<P></P>
-</BODY></HTML>

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/31101469/systests/springWebapp/src/main/webapp/secure/test.html
----------------------------------------------------------------------
diff --git a/systests/springWebapp/src/main/webapp/secure/test.html b/systests/springWebapp/src/main/webapp/secure/test.html
deleted file mode 100644
index 9cf7366..0000000
--- a/systests/springWebapp/src/main/webapp/secure/test.html
+++ /dev/null
@@ -1,25 +0,0 @@
-<!--
-  Licensed to the Apache Software Foundation (ASF) under one or more
-  contributor license agreements.  See the NOTICE file distributed with
-  this work for additional information regarding copyright ownership.
-  The ASF licenses this file to You under the Apache License, Version 2.0
-  (the "License"); you may not use this file except in compliance with
-  the License.  You may obtain a copy of the License at
-
-      http://www.apache.org/licenses/LICENSE-2.0
-
-  Unless required by applicable law or agreed to in writing, software
-  distributed under the License is distributed on an "AS IS" BASIS,
-  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-  See the License for the specific language governing permissions and
-  limitations under the License.
--->
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
-<HTML><HEAD><TITLE>WS Federation Tomcat Examples</TITLE>
-<META http-equiv=Content-Type content="text/html">
-</HEAD>
-<BODY>
-<P>
-<H3>Secure Test</H3>
-<P></P>
-</BODY></HTML>

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/31101469/systests/tomcat7/pom.xml
----------------------------------------------------------------------
diff --git a/systests/tomcat7/pom.xml b/systests/tomcat7/pom.xml
index ea5800f..b96a516 100644
--- a/systests/tomcat7/pom.xml
+++ b/systests/tomcat7/pom.xml
@@ -162,8 +162,8 @@
                                     <outputDirectory>target/tomcat/idp/webapps/fediz-idp-sts</outputDirectory>
                                 </artifactItem>
                                 <artifactItem>
-                                    <groupId>org.apache.cxf.fediz.systests</groupId>
-                                    <artifactId>fediz-systests-simpleWebapp</artifactId>
+                                    <groupId>org.apache.cxf.fediz.systests.webapps</groupId>
+                                    <artifactId>fediz-systests-webapps-simple</artifactId>
                                     <version>${project.version}</version>
                                     <type>war</type>
                                     <overWrite>true</overWrite>

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/31101469/systests/webapps/cxfWebapp/pom.xml
----------------------------------------------------------------------
diff --git a/systests/webapps/cxfWebapp/pom.xml b/systests/webapps/cxfWebapp/pom.xml
new file mode 100644
index 0000000..6e6166a
--- /dev/null
+++ b/systests/webapps/cxfWebapp/pom.xml
@@ -0,0 +1,73 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+  Licensed to the Apache Software Foundation (ASF) under one
+  or more contributor license agreements. See the NOTICE file
+  distributed with this work for additional information
+  regarding copyright ownership. The ASF licenses this file
+  to you under the Apache License, Version 2.0 (the
+  "License"); you may not use this file except in compliance
+  with the License. You may obtain a copy of the License at
+ 
+  http://www.apache.org/licenses/LICENSE-2.0
+ 
+  Unless required by applicable law or agreed to in writing,
+  software distributed under the License is distributed on an
+  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+  KIND, either express or implied. See the License for the
+  specific language governing permissions and limitations
+  under the License.
+-->
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+    <parent>
+        <groupId>org.apache.cxf.fediz.systests</groupId>
+        <artifactId>fediz-systests-webapps</artifactId>
+        <version>1.2.0-SNAPSHOT</version>
+        <relativePath>../pom.xml</relativePath>
+    </parent>
+    <groupId>org.apache.cxf.fediz.systests.webapps</groupId>
+    <artifactId>fediz-systests-webapps-cxf</artifactId>
+    <name>Apache Fediz Systests CXF Webapp</name>
+    <packaging>war</packaging>
+    <properties>
+        <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
+    </properties>
+    <dependencies>
+        <dependency>
+            <groupId>javax.servlet</groupId>
+            <artifactId>servlet-api</artifactId>
+            <version>${servlet.version}</version>
+            <scope>provided</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.apache.cxf.fediz</groupId>
+            <artifactId>fediz-cxf</artifactId>
+            <version>${project.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>org.apache.commons</groupId>
+            <artifactId>commons-lang3</artifactId>
+            <version>${commons.lang.version}</version>
+        </dependency>      
+        <dependency>
+           <groupId>org.apache.cxf</groupId>
+           <artifactId>cxf-rt-frontend-jaxrs</artifactId>
+           <version>${cxf.version}</version>
+       </dependency>
+       <dependency>
+            <groupId>org.springframework</groupId>
+            <artifactId>spring-web</artifactId>
+            <version>${spring.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>org.slf4j</groupId>
+            <artifactId>slf4j-jdk14</artifactId>
+            <version>${slf4j.version}</version>
+        </dependency>
+
+    </dependencies>
+    <build>
+        <!-- Name of the generated WAR file -->
+        <finalName>fedizhelloworld</finalName>
+    </build>
+</project>

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/31101469/systests/webapps/cxfWebapp/src/main/java/org/apache/cxf/fediz/example/FedizExceptionMapper.java
----------------------------------------------------------------------
diff --git a/systests/webapps/cxfWebapp/src/main/java/org/apache/cxf/fediz/example/FedizExceptionMapper.java b/systests/webapps/cxfWebapp/src/main/java/org/apache/cxf/fediz/example/FedizExceptionMapper.java
new file mode 100644
index 0000000..0a31396
--- /dev/null
+++ b/systests/webapps/cxfWebapp/src/main/java/org/apache/cxf/fediz/example/FedizExceptionMapper.java
@@ -0,0 +1,36 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.fediz.example;
+
+import javax.ws.rs.core.Response;
+import javax.ws.rs.ext.ExceptionMapper;
+
+import org.apache.cxf.interceptor.security.AccessDeniedException;
+
+/**
+ * Map 500 -> 403
+ */
+public class FedizExceptionMapper implements ExceptionMapper<AccessDeniedException> {
+
+    public Response toResponse(AccessDeniedException exception) {
+        return Response.status(Response.Status.FORBIDDEN).build();
+    }
+
+}
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/31101469/systests/webapps/cxfWebapp/src/main/java/org/apache/cxf/fediz/example/Service.java
----------------------------------------------------------------------
diff --git a/systests/webapps/cxfWebapp/src/main/java/org/apache/cxf/fediz/example/Service.java b/systests/webapps/cxfWebapp/src/main/java/org/apache/cxf/fediz/example/Service.java
new file mode 100644
index 0000000..d91f8ba
--- /dev/null
+++ b/systests/webapps/cxfWebapp/src/main/java/org/apache/cxf/fediz/example/Service.java
@@ -0,0 +1,120 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.fediz.example;
+
+import java.security.Principal;
+import java.util.Arrays;
+import java.util.List;
+
+import javax.annotation.security.RolesAllowed;
+import javax.ws.rs.GET;
+import javax.ws.rs.Path;
+import javax.ws.rs.Produces;
+import javax.ws.rs.core.Context;
+import javax.ws.rs.core.UriInfo;
+
+import org.w3c.dom.Element;
+import org.apache.cxf.fediz.core.Claim;
+import org.apache.cxf.fediz.core.ClaimCollection;
+import org.apache.cxf.fediz.core.FedizPrincipal;
+import org.apache.cxf.fediz.core.SecurityTokenThreadLocal;
+import org.apache.cxf.jaxrs.ext.MessageContext;
+
+@Path("/secure/")
+@Produces("text/html")
+public class Service {
+    @Context
+    private MessageContext messageContext;
+
+    @Path("/admin/fedservlet")
+    @RolesAllowed("Admin")
+    @GET
+    public String doGetAdmin(@Context UriInfo uriInfo) throws Exception {
+        return doGet(uriInfo);
+    }
+    
+    @Path("/manager/fedservlet")
+    @RolesAllowed("Manager")
+    @GET
+    public String doGetManager(@Context UriInfo uriInfo) throws Exception {
+        return doGet(uriInfo);
+    }
+    
+    @Path("/user/fedservlet")
+    @RolesAllowed({ "User", "Admin", "Manager" })
+    @GET
+    public String doGetUser(@Context UriInfo uriInfo) throws Exception {
+        return doGet(uriInfo);
+    }
+    
+    @Path("/fedservlet")
+    @RolesAllowed({ "User", "Admin", "Manager", "Authenticated" })
+    @GET
+    @Produces("text/html")
+    public String doGetSecure(@Context UriInfo uriInfo) throws Exception {
+        return doGet(uriInfo);
+    }
+    
+    private String doGet(@Context UriInfo uriInfo) throws Exception {
+       
+        StringBuilder out = new StringBuilder();
+        out.append("<html>\n");
+        out.append("<head><title>WS Federation Systests Examples</title></head>\n");
+        out.append("<body>\n");
+        out.append("<p>Request url: " + uriInfo.getAbsolutePath() + "</p>\n");
+
+        out.append("<p>userPrincipal=");
+        Principal p = messageContext.getSecurityContext().getUserPrincipal();
+        if (p != null) {
+            out.append(p.getName());
+        }
+        out.append("</p>\n");
+        
+        List<String> roleListToCheck = Arrays.asList("Admin", "Manager", "User", "Authenticated");
+        for (String item: roleListToCheck) {
+            out.append("<p>role:" + item + "=" 
+                + ((messageContext.getSecurityContext().isUserInRole(item)) ? "true" : "false") 
+                + "</p>\n");
+        }
+
+        if (p instanceof FedizPrincipal) {
+            FedizPrincipal fp = (FedizPrincipal)p;
+            
+            ClaimCollection claims = fp.getClaims();
+            for (Claim c: claims) {
+                out.append("<p>" + c.getClaimType().toString() + "=" + c.getValue() + "</p>\n");
+            }
+            
+            Element el = fp.getLoginToken();
+            if (el != null) {
+                out.append("loginToken=FOUND{FedizPrincipal}<p>\n");
+            }
+            
+            el = SecurityTokenThreadLocal.getToken();
+            if (el != null) {
+                out.append("loginToken=FOUND{SecurityTokenThreadLocal}<p>\n");
+            }
+            
+        }
+        
+        out.append("</body>\n");
+        
+        return out.toString();
+    }
+}

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/31101469/systests/webapps/cxfWebapp/src/main/resources/fediz_config.xml
----------------------------------------------------------------------
diff --git a/systests/webapps/cxfWebapp/src/main/resources/fediz_config.xml b/systests/webapps/cxfWebapp/src/main/resources/fediz_config.xml
new file mode 100644
index 0000000..8d0f0a5
--- /dev/null
+++ b/systests/webapps/cxfWebapp/src/main/resources/fediz_config.xml
@@ -0,0 +1,40 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
+<!-- Place in Tomcat conf folder or other location as designated in this sample's webapp/META-INF/context.xml file. 
+     Keystore referenced below must have IDP STS' public cert included in it.  This example re-uses the Tomcat SSL 
+     keystore (tomcat-rp.jks) for this task; alternatively you may wish to use a Fediz-specific keystore instead. 
+-->
+<FedizConfig>
+    <contextConfig name="/fedizhelloworld">
+        <audienceUris>
+            <audienceItem>urn:org:apache:cxf:fediz:fedizhelloworld</audienceItem>
+        </audienceUris>
+        <certificateStores>
+            <trustManager>
+                <keyStore file="test-classes/ststrust.jks"
+                          password="storepass" type="JKS" />
+            </trustManager>
+        </certificateStores>
+        <trustedIssuers>
+            <issuer certificateValidation="PeerTrust" />
+        </trustedIssuers>
+        <maximumClockSkew>1000</maximumClockSkew>
+        <protocol xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+            xsi:type="federationProtocolType" version="1.0.0">
+            <realm>urn:org:apache:cxf:fediz:fedizhelloworld</realm>
+            <issuer>https://localhost:${idp.https.port}/fediz-idp/federation</issuer>
+            <roleDelimiter>,</roleDelimiter>
+            <roleURI>http://schemas.xmlsoap.org/ws/2005/05/identity/claims/role</roleURI>
+            <freshness>10</freshness>
+            <homeRealm type="String">urn:org:apache:cxf:fediz:idp:realm-A</homeRealm>
+            <claimTypesRequested>
+                <claimType type="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/role" optional="false" />
+				<claimType type="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" optional="true" />
+				<claimType type="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" optional="true" />
+				<claimType type="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" optional="true" />
+            </claimTypesRequested>
+        </protocol>
+        <logoutURL>/secure/logout</logoutURL>
+        <logoutRedirectTo>/index.html</logoutRedirectTo>
+    </contextConfig>
+</FedizConfig>
+

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/31101469/systests/webapps/cxfWebapp/src/main/resources/log4j.properties
----------------------------------------------------------------------
diff --git a/systests/webapps/cxfWebapp/src/main/resources/log4j.properties b/systests/webapps/cxfWebapp/src/main/resources/log4j.properties
new file mode 100644
index 0000000..5fc56e3
--- /dev/null
+++ b/systests/webapps/cxfWebapp/src/main/resources/log4j.properties
@@ -0,0 +1,17 @@
+# Set root category priority to INFO and its only appender to CONSOLE.
+log4j.rootCategory=FATAL, CONSOLE
+#log4j.rootCategory=DEBUG, CONSOLE
+
+# CONSOLE is set to be a ConsoleAppender using a PatternLayout.
+log4j.appender.CONSOLE=org.apache.log4j.ConsoleAppender
+log4j.appender.CONSOLE.Threshold=DEBUG
+log4j.appender.CONSOLE.layout=org.apache.log4j.PatternLayout
+log4j.appender.CONSOLE.layout.ConversionPattern=- %m%n
+
+# LOGFILE is set to be a File appender using a PatternLayout.
+log4j.appender.LOGFILE=org.apache.log4j.FileAppender
+log4j.appender.LOGFILE.File=target/wss4j.log
+log4j.appender.LOGFILE.Append=false
+log4j.appender.LOGFILE.Threshold=DEBUG
+log4j.appender.LOGFILE.layout=org.apache.log4j.PatternLayout
+log4j.appender.LOGFILE.layout.ConversionPattern=%-4r [%t] %-5p %c %x - %m%n

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/31101469/systests/webapps/cxfWebapp/src/main/resources/logging.properties
----------------------------------------------------------------------
diff --git a/systests/webapps/cxfWebapp/src/main/resources/logging.properties b/systests/webapps/cxfWebapp/src/main/resources/logging.properties
new file mode 100644
index 0000000..c185d61
--- /dev/null
+++ b/systests/webapps/cxfWebapp/src/main/resources/logging.properties
@@ -0,0 +1,52 @@
+############################################################
+#  	Default Logging Configuration File
+#
+# You can use a different file by specifying a filename
+# with the java.util.logging.config.file system property.  
+# For example java -Djava.util.logging.config.file=myfile
+############################################################
+
+############################################################
+#  	Global properties
+############################################################
+
+# "handlers" specifies a comma separated list of log Handler 
+# classes.  These handlers will be installed during VM startup.
+# Note that these classes must be on the system classpath.
+# By default we only configure a ConsoleHandler, which will only
+# show messages at the WARNING and above levels.
+handlers= java.util.logging.ConsoleHandler
+#handlers= java.util.logging.FileHandler, java.util.logging.ConsoleHandler
+
+# Default global logging level.
+# This specifies which kinds of events are logged across
+# all loggers.  For any given facility this global level
+# can be overridden by a facility specific level
+# Note that the ConsoleHandler also has a separate level
+# setting to limit messages printed to the console.
+.level= INFO
+
+############################################################
+# Handler specific properties.
+# Describes specific configuration info for Handlers.
+############################################################
+
+# default file output is in user's home directory.
+java.util.logging.FileHandler.pattern = %h/java%u.log
+java.util.logging.FileHandler.limit = 50000
+java.util.logging.FileHandler.count = 1
+java.util.logging.FileHandler.formatter = java.util.logging.XMLFormatter
+
+# Limit the message that are printed on the console to WARNING and above.
+java.util.logging.ConsoleHandler.level = INFO
+java.util.logging.ConsoleHandler.formatter = java.util.logging.SimpleFormatter
+
+
+############################################################
+# Facility specific properties.
+# Provides extra control for each logger.
+############################################################
+
+# For example, set the com.xyz.foo logger to only log SEVERE
+# messages:
+#com.xyz.foo.level = SEVERE

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/31101469/systests/webapps/cxfWebapp/src/main/resources/ststrust.jks
----------------------------------------------------------------------
diff --git a/systests/webapps/cxfWebapp/src/main/resources/ststrust.jks b/systests/webapps/cxfWebapp/src/main/resources/ststrust.jks
new file mode 100644
index 0000000..911945c
Binary files /dev/null and b/systests/webapps/cxfWebapp/src/main/resources/ststrust.jks differ

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/31101469/systests/webapps/cxfWebapp/src/main/webapp/WEB-INF/applicationContext.xml
----------------------------------------------------------------------
diff --git a/systests/webapps/cxfWebapp/src/main/webapp/WEB-INF/applicationContext.xml b/systests/webapps/cxfWebapp/src/main/webapp/WEB-INF/applicationContext.xml
new file mode 100644
index 0000000..eea155c
--- /dev/null
+++ b/systests/webapps/cxfWebapp/src/main/webapp/WEB-INF/applicationContext.xml
@@ -0,0 +1,47 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+  Licensed to the Apache Software Foundation (ASF) under one
+  or more contributor license agreements. See the NOTICE file
+  distributed with this work for additional information
+  regarding copyright ownership. The ASF licenses this file
+  to you under the Apache License, Version 2.0 (the
+  "License"); you may not use this file except in compliance
+  with the License. You may obtain a copy of the License at
+ 
+  http://www.apache.org/licenses/LICENSE-2.0
+ 
+  Unless required by applicable law or agreed to in writing,
+  software distributed under the License is distributed on an
+  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+  KIND, either express or implied. See the License for the
+  specific language governing permissions and limitations
+  under the License.
+-->
+<beans 
+    xmlns="http://www.springframework.org/schema/beans"
+    xmlns:cxf="http://cxf.apache.org/core"
+    xmlns:jaxws="http://cxf.apache.org/jaxws"
+    xmlns:test="http://apache.org/hello_world_soap_http"
+    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+    xmlns:util="http://www.springframework.org/schema/util"
+    xsi:schemaLocation="
+        http://cxf.apache.org/core
+        http://cxf.apache.org/schemas/core.xsd
+        http://www.springframework.org/schema/beans
+        http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
+        http://cxf.apache.org/jaxws
+        http://cxf.apache.org/schemas/jaxws.xsd
+        http://www.springframework.org/schema/util
+        http://www.springframework.org/schema/util/spring-util-2.0.xsd">
+    
+    <import resource="classpath:META-INF/cxf/cxf.xml"/>   
+    <import resource="cxf-service.xml"/>  
+    
+    <cxf:bus>
+        <cxf:features>
+            <cxf:logging/>
+        </cxf:features>
+    </cxf:bus>
+
+</beans>
+

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/31101469/systests/webapps/cxfWebapp/src/main/webapp/WEB-INF/cxf-service.xml
----------------------------------------------------------------------
diff --git a/systests/webapps/cxfWebapp/src/main/webapp/WEB-INF/cxf-service.xml b/systests/webapps/cxfWebapp/src/main/webapp/WEB-INF/cxf-service.xml
new file mode 100644
index 0000000..db04ac7
--- /dev/null
+++ b/systests/webapps/cxfWebapp/src/main/webapp/WEB-INF/cxf-service.xml
@@ -0,0 +1,79 @@
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+ 
+ http://www.apache.org/licenses/LICENSE-2.0
+ 
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+-->
+<beans xmlns="http://www.springframework.org/schema/beans"
+  xmlns:cxf="http://cxf.apache.org/core"
+  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+  xmlns:sec="http://cxf.apache.org/configuration/security"
+  xmlns:http="http://cxf.apache.org/transports/http/configuration"
+  xmlns:jaxws="http://cxf.apache.org/jaxws"
+  xmlns:jaxrs="http://cxf.apache.org/jaxrs"
+  xsi:schemaLocation="
+            http://cxf.apache.org/core
+            http://cxf.apache.org/schemas/core.xsd
+            http://cxf.apache.org/configuration/security
+            http://cxf.apache.org/schemas/configuration/security.xsd
+            http://cxf.apache.org/jaxws
+            http://cxf.apache.org/schemas/jaxws.xsd
+            http://cxf.apache.org/jaxrs
+            http://cxf.apache.org/schemas/jaxrs.xsd
+            http://cxf.apache.org/transports/http/configuration
+            http://cxf.apache.org/schemas/configuration/http-conf.xsd
+            http://www.springframework.org/schema/beans
+            http://www.springframework.org/schema/beans/spring-beans.xsd">
+   
+   <import resource="classpath:META-INF/cxf/cxf.xml" />
+   
+   <bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"/>
+   
+   <cxf:bus>
+        <cxf:features>
+            <cxf:logging/>
+        </cxf:features>
+   </cxf:bus>
+   
+   <bean id="serviceBean" class="org.apache.cxf.fediz.example.Service">
+   </bean>
+   
+   <bean id="fedizFilter" class="org.apache.cxf.fediz.cxf.plugin.FedizRedirectBindingFilter">
+       <property name="configFile" value="fediz_config.xml"/>
+   </bean>
+   
+   <bean id="exceptionMapper" class="org.apache.cxf.fediz.example.FedizExceptionMapper" />
+   
+   <bean id="authorizationInterceptor"
+      class="org.apache.cxf.interceptor.security.SecureAnnotationsInterceptor">
+      <property name="securedObject" ref="serviceBean" />
+   </bean>
+
+   <jaxrs:server
+        address="/">
+         <jaxrs:serviceBeans>
+            <ref bean="serviceBean"/>
+        </jaxrs:serviceBeans>
+        <jaxrs:providers>
+            <ref bean="fedizFilter"/>
+            <ref bean="exceptionMapper"/>
+        </jaxrs:providers>
+        <jaxrs:inInterceptors>
+            <ref bean="authorizationInterceptor"/>
+        </jaxrs:inInterceptors>
+   </jaxrs:server>
+
+</beans>
+

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/31101469/systests/webapps/cxfWebapp/src/main/webapp/WEB-INF/web.xml
----------------------------------------------------------------------
diff --git a/systests/webapps/cxfWebapp/src/main/webapp/WEB-INF/web.xml b/systests/webapps/cxfWebapp/src/main/webapp/WEB-INF/web.xml
new file mode 100644
index 0000000..2297ff3
--- /dev/null
+++ b/systests/webapps/cxfWebapp/src/main/webapp/WEB-INF/web.xml
@@ -0,0 +1,29 @@
+<web-app xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+	xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
+                      http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
+	version="3.0" metadata-complete="true">
+
+	<description>WS Federation Systests Example</description>
+	<display-name>WS Federation Systests Example</display-name>
+
+    <context-param>
+        <param-name>contextConfigLocation</param-name>
+        <param-value>WEB-INF/applicationContext.xml</param-value>
+    </context-param>
+
+    <listener>
+        <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
+    </listener>
+
+    <servlet>
+        <servlet-name>FederationServlet</servlet-name>
+        <servlet-class>org.apache.cxf.transport.servlet.CXFServlet</servlet-class>
+        <load-on-startup>1</load-on-startup>
+    </servlet>
+
+	<servlet-mapping>
+		<servlet-name>FederationServlet</servlet-name>
+		<url-pattern>/*</url-pattern>
+	</servlet-mapping>
+
+</web-app>

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/31101469/systests/webapps/cxfWebapp/src/main/webapp/index.html
----------------------------------------------------------------------
diff --git a/systests/webapps/cxfWebapp/src/main/webapp/index.html b/systests/webapps/cxfWebapp/src/main/webapp/index.html
new file mode 100644
index 0000000..a9dbdaa
--- /dev/null
+++ b/systests/webapps/cxfWebapp/src/main/webapp/index.html
@@ -0,0 +1,25 @@
+<!--
+  Licensed to the Apache Software Foundation (ASF) under one or more
+  contributor license agreements.  See the NOTICE file distributed with
+  this work for additional information regarding copyright ownership.
+  The ASF licenses this file to You under the Apache License, Version 2.0
+  (the "License"); you may not use this file except in compliance with
+  the License.  You may obtain a copy of the License at
+
+      http://www.apache.org/licenses/LICENSE-2.0
+
+  Unless required by applicable law or agreed to in writing, software
+  distributed under the License is distributed on an "AS IS" BASIS,
+  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  See the License for the specific language governing permissions and
+  limitations under the License.
+-->
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
+<HTML><HEAD><TITLE>WS Federation Tomcat Examples</TITLE>
+<META http-equiv=Content-Type content="text/html">
+</HEAD>
+<BODY>
+<P>
+<H3>Hello World</H3>
+<P></P>
+</BODY></HTML>

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/31101469/systests/webapps/cxfWebapp/src/main/webapp/secure/test.html
----------------------------------------------------------------------
diff --git a/systests/webapps/cxfWebapp/src/main/webapp/secure/test.html b/systests/webapps/cxfWebapp/src/main/webapp/secure/test.html
new file mode 100644
index 0000000..9cf7366
--- /dev/null
+++ b/systests/webapps/cxfWebapp/src/main/webapp/secure/test.html
@@ -0,0 +1,25 @@
+<!--
+  Licensed to the Apache Software Foundation (ASF) under one or more
+  contributor license agreements.  See the NOTICE file distributed with
+  this work for additional information regarding copyright ownership.
+  The ASF licenses this file to You under the Apache License, Version 2.0
+  (the "License"); you may not use this file except in compliance with
+  the License.  You may obtain a copy of the License at
+
+      http://www.apache.org/licenses/LICENSE-2.0
+
+  Unless required by applicable law or agreed to in writing, software
+  distributed under the License is distributed on an "AS IS" BASIS,
+  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  See the License for the specific language governing permissions and
+  limitations under the License.
+-->
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
+<HTML><HEAD><TITLE>WS Federation Tomcat Examples</TITLE>
+<META http-equiv=Content-Type content="text/html">
+</HEAD>
+<BODY>
+<P>
+<H3>Secure Test</H3>
+<P></P>
+</BODY></HTML>

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/31101469/systests/webapps/pom.xml
----------------------------------------------------------------------
diff --git a/systests/webapps/pom.xml b/systests/webapps/pom.xml
new file mode 100644
index 0000000..9c1d2e9
--- /dev/null
+++ b/systests/webapps/pom.xml
@@ -0,0 +1,40 @@
+<!--
+  Licensed to the Apache Software Foundation (ASF) under one
+  or more contributor license agreements. See the NOTICE file
+  distributed with this work for additional information
+  regarding copyright ownership. The ASF licenses this file
+  to you under the Apache License, Version 2.0 (the
+  "License"); you may not use this file except in compliance
+  with the License. You may obtain a copy of the License at
+ 
+  http://www.apache.org/licenses/LICENSE-2.0
+ 
+  Unless required by applicable law or agreed to in writing,
+  software distributed under the License is distributed on an
+  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+  KIND, either express or implied. See the License for the
+  specific language governing permissions and limitations
+  under the License.
+-->
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+
+   <modelVersion>4.0.0</modelVersion>
+   <parent>
+       <groupId>org.apache.cxf.fediz</groupId>
+       <artifactId>fediz-systests</artifactId>
+       <version>1.2.0-SNAPSHOT</version>
+   </parent>
+   <groupId>org.apache.cxf.fediz.systests</groupId>
+   <artifactId>fediz-systests-webapps</artifactId>
+   <name>Apache Fediz Webapps for the System tests</name>
+   <packaging>pom</packaging>
+
+   <modules>
+      <module>simpleWebapp</module>
+      <module>springPreauthWebapp</module>
+      <module>springWebapp</module>
+      <module>spring2Webapp</module>
+      <module>cxfWebapp</module>
+   </modules>
+
+</project>

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/31101469/systests/webapps/simpleWebapp/pom.xml
----------------------------------------------------------------------
diff --git a/systests/webapps/simpleWebapp/pom.xml b/systests/webapps/simpleWebapp/pom.xml
new file mode 100644
index 0000000..eec817c
--- /dev/null
+++ b/systests/webapps/simpleWebapp/pom.xml
@@ -0,0 +1,64 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+  Licensed to the Apache Software Foundation (ASF) under one
+  or more contributor license agreements. See the NOTICE file
+  distributed with this work for additional information
+  regarding copyright ownership. The ASF licenses this file
+  to you under the Apache License, Version 2.0 (the
+  "License"); you may not use this file except in compliance
+  with the License. You may obtain a copy of the License at
+ 
+  http://www.apache.org/licenses/LICENSE-2.0
+ 
+  Unless required by applicable law or agreed to in writing,
+  software distributed under the License is distributed on an
+  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+  KIND, either express or implied. See the License for the
+  specific language governing permissions and limitations
+  under the License.
+-->
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+    <parent>
+        <groupId>org.apache.cxf.fediz.systests</groupId>
+        <artifactId>fediz-systests-webapps</artifactId>
+        <version>1.2.0-SNAPSHOT</version>
+        <relativePath>../pom.xml</relativePath>
+    </parent>
+    <groupId>org.apache.cxf.fediz.systests.webapps</groupId>
+    <artifactId>fediz-systests-webapps-simple</artifactId>
+    <name>Apache Fediz Systests SimpleWebapp</name>
+    <packaging>war</packaging>
+    <properties>
+        <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
+    </properties>
+    <dependencies>
+        <dependency>
+            <groupId>javax.servlet</groupId>
+            <artifactId>servlet-api</artifactId>
+            <version>${servlet.version}</version>
+            <scope>provided</scope>
+        </dependency>
+        <!-- Required to cast Principal to FederationPrincipal -->
+        <dependency>
+            <groupId>org.apache.cxf.fediz</groupId>
+            <artifactId>fediz-core</artifactId>
+            <version>${project.version}</version>
+            <scope>provided</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.apache.commons</groupId>
+            <artifactId>commons-lang3</artifactId>
+            <version>${commons.lang.version}</version>
+        </dependency>  
+        <dependency>
+           <groupId>org.apache.cxf</groupId>
+           <artifactId>cxf-rt-frontend-jaxrs</artifactId>
+           <version>${cxf.version}</version>
+        </dependency>    
+    </dependencies>
+    <build>
+        <!-- Name of the generated WAR file -->
+        <finalName>fedizhelloworld</finalName>
+    </build>
+</project>

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/31101469/systests/webapps/simpleWebapp/src/main/java/org/apache/cxf/fediz/example/FederationServlet.java
----------------------------------------------------------------------
diff --git a/systests/webapps/simpleWebapp/src/main/java/org/apache/cxf/fediz/example/FederationServlet.java b/systests/webapps/simpleWebapp/src/main/java/org/apache/cxf/fediz/example/FederationServlet.java
new file mode 100644
index 0000000..982dac4
--- /dev/null
+++ b/systests/webapps/simpleWebapp/src/main/java/org/apache/cxf/fediz/example/FederationServlet.java
@@ -0,0 +1,94 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.fediz.example;
+
+import java.io.IOException;
+import java.io.PrintWriter;
+import java.security.Principal;
+import java.util.Arrays;
+import java.util.List;
+
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServlet;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.w3c.dom.Element;
+
+import org.apache.cxf.fediz.core.Claim;
+import org.apache.cxf.fediz.core.ClaimCollection;
+import org.apache.cxf.fediz.core.FedizPrincipal;
+import org.apache.cxf.fediz.core.SecurityTokenThreadLocal;
+
+
+public class FederationServlet extends HttpServlet {
+
+    /**
+     * 
+     */
+    private static final long serialVersionUID = -9019993850246851112L;
+
+    public void doGet(HttpServletRequest request, HttpServletResponse response)
+        throws ServletException, IOException {
+
+        response.setContentType("text/html");
+        PrintWriter out = response.getWriter();
+
+        out.println("<html>");
+        out.println("<head><title>WS Federation Systests Examples</title></head>");
+        out.println("<body>");
+        out.println("<p>Request url: " + request.getRequestURL().toString() + "</p>");
+
+        out.print("<p>userPrincipal=");
+        Principal p = request.getUserPrincipal();
+        if (p != null) {
+            out.print(p.getName());
+        }
+        out.println("</p>");
+        
+        List<String> roleListToCheck = Arrays.asList("Admin", "Manager", "User", "Authenticated");
+        for (String item: roleListToCheck) {
+            out.println("<p>role:" + item + "=" + ((request.isUserInRole(item)) ? "true" : "false") + "</p>");
+        }
+
+        if (p instanceof FedizPrincipal) {
+            FedizPrincipal fp = (FedizPrincipal)p;
+            
+            ClaimCollection claims = fp.getClaims();
+            for (Claim c: claims) {
+                out.println("<p>" + c.getClaimType().toString() + "=" + c.getValue() + "</p>");
+            }
+            
+            Element el = fp.getLoginToken();
+            if (el != null) {
+                out.println("loginToken=FOUND{FedizPrincipal}<p>");
+            }
+            
+            el = SecurityTokenThreadLocal.getToken();
+            if (el != null) {
+                out.println("loginToken=FOUND{SecurityTokenThreadLocal}<p>");
+            }
+            
+        }
+        
+        out.println("</body>");
+    }
+
+}

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/31101469/systests/webapps/simpleWebapp/src/main/resources/log4j.properties
----------------------------------------------------------------------
diff --git a/systests/webapps/simpleWebapp/src/main/resources/log4j.properties b/systests/webapps/simpleWebapp/src/main/resources/log4j.properties
new file mode 100644
index 0000000..5fc56e3
--- /dev/null
+++ b/systests/webapps/simpleWebapp/src/main/resources/log4j.properties
@@ -0,0 +1,17 @@
+# Set root category priority to INFO and its only appender to CONSOLE.
+log4j.rootCategory=FATAL, CONSOLE
+#log4j.rootCategory=DEBUG, CONSOLE
+
+# CONSOLE is set to be a ConsoleAppender using a PatternLayout.
+log4j.appender.CONSOLE=org.apache.log4j.ConsoleAppender
+log4j.appender.CONSOLE.Threshold=DEBUG
+log4j.appender.CONSOLE.layout=org.apache.log4j.PatternLayout
+log4j.appender.CONSOLE.layout.ConversionPattern=- %m%n
+
+# LOGFILE is set to be a File appender using a PatternLayout.
+log4j.appender.LOGFILE=org.apache.log4j.FileAppender
+log4j.appender.LOGFILE.File=target/wss4j.log
+log4j.appender.LOGFILE.Append=false
+log4j.appender.LOGFILE.Threshold=DEBUG
+log4j.appender.LOGFILE.layout=org.apache.log4j.PatternLayout
+log4j.appender.LOGFILE.layout.ConversionPattern=%-4r [%t] %-5p %c %x - %m%n