You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by bu...@apache.org on 2012/05/15 18:48:08 UTC
svn commit: r817750 - in /websites/production/cxf/content:
cache/main.pageCache fediz-downloads.html fediz-idp.html fediz-tomcat.html
fediz.html
Author: buildbot
Date: Tue May 15 16:48:08 2012
New Revision: 817750
Log:
Production update by buildbot for cxf
Added:
websites/production/cxf/content/fediz-downloads.html
websites/production/cxf/content/fediz-idp.html
websites/production/cxf/content/fediz-tomcat.html
Modified:
websites/production/cxf/content/cache/main.pageCache
websites/production/cxf/content/fediz.html
Modified: websites/production/cxf/content/cache/main.pageCache
==============================================================================
Binary files - no diff available.
Added: websites/production/cxf/content/fediz-downloads.html
==============================================================================
--- websites/production/cxf/content/fediz-downloads.html (added)
+++ websites/production/cxf/content/fediz-downloads.html Tue May 15 16:48:08 2012
@@ -0,0 +1,199 @@
+
+<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<!--
+
+ Licensed to the Apache Software Foundation (ASF) under one or more
+ contributor license agreements. See the NOTICE file distributed with
+ this work for additional information regarding copyright ownership.
+ The ASF licenses this file to You under the Apache License, Version 2.0
+ (the "License"); you may not use this file except in compliance with
+ the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+-->
+<html>
+ <head>
+ <link type="text/css" rel="stylesheet" href="http://cxf.apache.org/resources/site.css">
+ <script src="http://cxf.apache.org/resources/space.js" type="text/javascript"></script>
+
+<meta http-equiv="Content-type" content="text/html;charset=UTF-8">
+<meta name="keywords" content="business integration, EAI, SOA, Service Oriented Architecture, web services, SOAP, JBI, JMS, WSDL, XML, EDI, Electronic Data Interchange, standards support, integration standards, application integration, middleware, software, solutions, services, CXF, open source">
+<meta name="description" content="Apache CXF, Services Framework - Fediz Downloads">
+ <title>
+Apache CXF -- Fediz Downloads
+ </title>
+ </head>
+<body onload="init()">
+
+
+<table width="100%" cellpadding="0" cellspacing="0">
+ <tr>
+ <td id="cell-0-0" colspan="2"> </td>
+ <td id="cell-0-1"> </td>
+ <td id="cell-0-2" colspan="2"> </td>
+ </tr>
+ <tr>
+ <td id="cell-1-0"> </td>
+ <td id="cell-1-1"> </td>
+ <td id="cell-1-2">
+ <div style="padding: 5px;">
+ <div id="banner">
+ <!-- Banner -->
+<div id="banner-content">
+<table border="0" cellpadding="0" cellspacing="0" width="100%"><tr><td align="left" colspan="1" nowrap>
+<a shape="rect" href="http://cxf.apache.org/" title="Apache CXF"><span style="font-weight: bold; font-size: 170%; color: white">Apache CXF</span></a>
+</td><td align="right" colspan="1" nowrap>
+<a shape="rect" href="http://www.apache.org/" title="The Apache Software Foundation"><img border="0" alt="ASF Logo" src="http://cxf.apache.org/images/asf-logo.png"></a>
+</td></tr></table>
+</div>
+ <!-- Banner -->
+ </div>
+ </div>
+ <div id="top-menu">
+ <table border="0" cellpadding="1" cellspacing="0" width="100%">
+ <tr>
+ <td>
+ <div align="left">
+ <!-- Breadcrumbs -->
+<a href="index.html">Index</a> > <a href="fediz.html">Fediz</a> > <a href="fediz-downloads.html">Fediz Downloads</a>
+ <!-- Breadcrumbs -->
+ </div>
+ </td>
+ <td>
+ <div align="right">
+ <!-- Quicklinks -->
+<div id="quicklinks"><p><a shape="rect" href="download.html" title="Download">Download</a> | <a shape="rect" href="http://cxf.apache.org/docs/index.html">Documentation</a></p></div>
+ <!-- Quicklinks -->
+ </div>
+ </td>
+ </tr>
+ </table>
+ </div>
+ </td>
+ <td id="cell-1-3"> </td>
+ <td id="cell-1-4"> </td>
+ </tr>
+ <tr>
+ <td id="cell-2-0" colspan="2"> </td>
+ <td id="cell-2-1">
+ <table>
+ <tr valign="top">
+ <td height="100%">
+ <div id="wrapper-menu-page-right">
+ <div id="wrapper-menu-page-top">
+ <div id="wrapper-menu-page-bottom">
+ <div id="menu-page">
+ <!-- NavigationBar -->
+<div id="navigation"><h3><a shape="rect" name="Navigation-ApacheCXFIndex"></a><a shape="rect" href="index.html" title="Index">Apache CXF</a></h3>
+
+<ul class="alternate" type="square"><li><a shape="rect" href="index.html" title="Index">Home</a></li><li><a shape="rect" href="download.html" title="Download">Download</a></li><li><a shape="rect" href="people.html" title="People">People</a></li><li><a shape="rect" href="project-status.html" title="Project Status">Project Status</a></li><li><a shape="rect" href="roadmap.html" title="Roadmap">Roadmap</a></li><li><a shape="rect" href="mailing-lists.html" title="Mailing Lists">Mailing Lists</a></li><li><a shape="rect" class="external-link" href="http://issues.apache.org/jira/browse/CXF">Issue Reporting</a></li><li><a shape="rect" href="special-thanks.html" title="Special Thanks">Special Thanks</a></li><li><a shape="rect" class="external-link" href="http://www.apache.org/licenses/">License</a></li><li><a shape="rect" href="security-advisories.html" title="Security Advisories">Security Advisories</a></li></ul>
+
+
+<h3><a shape="rect" name="Navigation-Users"></a>Users</h3>
+
+<ul class="alternate" type="square"><li><a shape="rect" href="http://cxf.apache.org/docs/index.html">User's Guide</a></li><li><a shape="rect" href="support.html" title="Support">Support</a></li><li><a shape="rect" href="faq.html" title="FAQ">FAQ</a></li><li><a shape="rect" href="resources-and-articles.html" title="Resources and Articles">Resources and Articles</a></li></ul>
+
+
+<h3><a shape="rect" name="Navigation-Search"></a>Search</h3>
+
+<form enctype="application/x-www-form-urlencoded" method="get" id="cse-search-box" action="http://www.google.com/cse">
+ <div>
+ <input type="hidden" name="cx" value="002890367768291051730:o99qiwa09y4">
+ <input type="hidden" name="ie" value="UTF-8">
+ <input type="text" name="q" size="21">
+ <input type="submit" name="sa" value="Search">
+ </div>
+</form>
+<script type="text/javascript" src="http://www.google.com/cse/brand?form=cse-search-box&lang=en"></script>
+
+
+<h3><a shape="rect" name="Navigation-Developers"></a>Developers</h3>
+
+<ul class="alternate" type="square"><li><a shape="rect" href="http://cxf.apache.org/docs/cxf-architecture.html">Architecture Guide</a></li><li><a shape="rect" href="source-repository.html" title="Source Repository">Source Repository</a></li><li><a shape="rect" href="building.html" title="Building">Building</a></li><li><a shape="rect" href="automated-builds.html" title="Automated Builds">Automated Builds</a></li><li><a shape="rect" href="testing-debugging.html" title="Testing-Debugging">Testing-Debugging</a></li><li><a shape="rect" href="coding-guidelines.html" title="Coding Guidelines">Coding Guidelines</a></li><li><a shape="rect" href="getting-involved.html" title="Getting Involved">Getting Involved</a></li><li><a shape="rect" href="release-management.html" title="Release Management">Release Management</a></li></ul>
+
+
+<h3><a shape="rect" name="Navigation-Subprojects"></a>Subprojects</h3>
+
+<ul class="alternate" type="square"><li><a shape="rect" href="distributed-osgi.html" title="Distributed OSGi">Distributed OSGi</a></li><li><a shape="rect" href="xjc-utils.html" title="XJC Utils">XJC Utils</a></li><li><a shape="rect" href="build-utils.html" title="Build Utils">Build Utils</a></li></ul>
+
+
+<h3><a shape="rect" name="Navigation-ASF"></a><a shape="rect" class="external-link" href="http://www.apache.org">ASF</a></h3>
+
+<ul class="alternate" type="square"><li><a shape="rect" class="external-link" href="http://www.apache.org/foundation/how-it-works.html">How Apache Works</a></li><li><a shape="rect" class="external-link" href="http://www.apache.org/foundation/">Foundation</a></li><li><a shape="rect" class="external-link" href="http://www.apache.org/foundation/sponsorship.html">Sponsor Apache</a></li><li><a shape="rect" class="external-link" href="http://www.apache.org/foundation/thanks.html">Thanks</a></li><li><a shape="rect" class="external-link" href="http://www.apache.org/security/">Security</a></li></ul>
+</div>
+ <!-- NavigationBar -->
+ </div>
+ </div>
+ </div>
+ </div>
+ </td>
+ <td height="100%">
+ <!-- Content -->
+ <div class="wiki-content">
+<div id="ConfluenceContent"><p><img align="middle" class="emoticon" src="https://cwiki.apache.org/confluence/images/icons/emoticons/warning.gif" height="16" width="16" alt="" border="0"> Under construction</p>
+
+<h1><a shape="rect" name="FedizDownloads-Downloads"></a>Downloads</h1>
+
+<h2><a shape="rect" name="FedizDownloads-Plugins"></a>Plugins</h2>
+
+<h3><a shape="rect" name="FedizDownloads-Tomcat7"></a>Tomcat 7</h3>
+
+
+<h3><a shape="rect" name="FedizDownloads-Jetty"></a>Jetty</h3>
+
+
+<h2><a shape="rect" name="FedizDownloads-IdentityProvider"></a>Identity Provider</h2>
+</div>
+ </div>
+ <!-- Content -->
+ </td>
+ </tr>
+ </table>
+ </td>
+ <td id="cell-2-2" colspan="2"> </td>
+ </tr>
+ <tr>
+ <td id="cell-3-0"> </td>
+ <td id="cell-3-1"> </td>
+ <td id="cell-3-2">
+ <div id="footer">
+ <!-- Footer -->
+ <div id="site-footer">
+ <a href="http://cxf.apache.org/privacy-policy.html">Privacy Policy</a> -
+ (<a href="https://cwiki.apache.org/confluence/pages/editpage.action?pageId=27846511">edit page</a>)
+ (<a href="https://cwiki.apache.org/confluence/display/CXF/Fediz+Downloads?showComments=true&showCommentArea=true#addcomment">add comment</a>)<br>
+ Apache CXF, CXF, Apache, the Apache feather logo are trademarks of The Apache Software Foundation.<br>
+ All other marks mentioned may be trademarks or registered trademarks of their respective owners.
+ </div>
+ <!-- Footer -->
+ </div>
+ </td>
+ <td id="cell-3-3"> </td>
+ <td id="cell-3-4"> </td>
+ </tr>
+ <tr>
+ <td id="cell-4-0" colspan="2"> </td>
+ <td id="cell-4-1"> </td>
+ <td id="cell-4-2" colspan="2"> </td>
+ </tr>
+</table>
+
+<script type="text/javascript">
+var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www.");
+document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));
+</script>
+<script type="text/javascript">
+try {
+var pageTracker = _gat._getTracker("UA-4458903-1");
+pageTracker._trackPageview();
+} catch(err) {}</script>
+
+</body>
+</html>
+
Added: websites/production/cxf/content/fediz-idp.html
==============================================================================
--- websites/production/cxf/content/fediz-idp.html (added)
+++ websites/production/cxf/content/fediz-idp.html Tue May 15 16:48:08 2012
@@ -0,0 +1,413 @@
+
+<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<!--
+
+ Licensed to the Apache Software Foundation (ASF) under one or more
+ contributor license agreements. See the NOTICE file distributed with
+ this work for additional information regarding copyright ownership.
+ The ASF licenses this file to You under the Apache License, Version 2.0
+ (the "License"); you may not use this file except in compliance with
+ the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+-->
+<html>
+ <head>
+ <link type="text/css" rel="stylesheet" href="http://cxf.apache.org/resources/site.css">
+ <script src="http://cxf.apache.org/resources/space.js" type="text/javascript"></script>
+
+<meta http-equiv="Content-type" content="text/html;charset=UTF-8">
+<meta name="keywords" content="business integration, EAI, SOA, Service Oriented Architecture, web services, SOAP, JBI, JMS, WSDL, XML, EDI, Electronic Data Interchange, standards support, integration standards, application integration, middleware, software, solutions, services, CXF, open source">
+<meta name="description" content="Apache CXF, Services Framework - Fediz IDP">
+ <title>
+Apache CXF -- Fediz IDP
+ </title>
+ </head>
+<body onload="init()">
+
+
+<table width="100%" cellpadding="0" cellspacing="0">
+ <tr>
+ <td id="cell-0-0" colspan="2"> </td>
+ <td id="cell-0-1"> </td>
+ <td id="cell-0-2" colspan="2"> </td>
+ </tr>
+ <tr>
+ <td id="cell-1-0"> </td>
+ <td id="cell-1-1"> </td>
+ <td id="cell-1-2">
+ <div style="padding: 5px;">
+ <div id="banner">
+ <!-- Banner -->
+<div id="banner-content">
+<table border="0" cellpadding="0" cellspacing="0" width="100%"><tr><td align="left" colspan="1" nowrap>
+<a shape="rect" href="http://cxf.apache.org/" title="Apache CXF"><span style="font-weight: bold; font-size: 170%; color: white">Apache CXF</span></a>
+</td><td align="right" colspan="1" nowrap>
+<a shape="rect" href="http://www.apache.org/" title="The Apache Software Foundation"><img border="0" alt="ASF Logo" src="http://cxf.apache.org/images/asf-logo.png"></a>
+</td></tr></table>
+</div>
+ <!-- Banner -->
+ </div>
+ </div>
+ <div id="top-menu">
+ <table border="0" cellpadding="1" cellspacing="0" width="100%">
+ <tr>
+ <td>
+ <div align="left">
+ <!-- Breadcrumbs -->
+<a href="index.html">Index</a> > <a href="fediz.html">Fediz</a> > <a href="fediz-idp.html">Fediz IDP</a>
+ <!-- Breadcrumbs -->
+ </div>
+ </td>
+ <td>
+ <div align="right">
+ <!-- Quicklinks -->
+<div id="quicklinks"><p><a shape="rect" href="download.html" title="Download">Download</a> | <a shape="rect" href="http://cxf.apache.org/docs/index.html">Documentation</a></p></div>
+ <!-- Quicklinks -->
+ </div>
+ </td>
+ </tr>
+ </table>
+ </div>
+ </td>
+ <td id="cell-1-3"> </td>
+ <td id="cell-1-4"> </td>
+ </tr>
+ <tr>
+ <td id="cell-2-0" colspan="2"> </td>
+ <td id="cell-2-1">
+ <table>
+ <tr valign="top">
+ <td height="100%">
+ <div id="wrapper-menu-page-right">
+ <div id="wrapper-menu-page-top">
+ <div id="wrapper-menu-page-bottom">
+ <div id="menu-page">
+ <!-- NavigationBar -->
+<div id="navigation"><h3><a shape="rect" name="Navigation-ApacheCXFIndex"></a><a shape="rect" href="index.html" title="Index">Apache CXF</a></h3>
+
+<ul class="alternate" type="square"><li><a shape="rect" href="index.html" title="Index">Home</a></li><li><a shape="rect" href="download.html" title="Download">Download</a></li><li><a shape="rect" href="people.html" title="People">People</a></li><li><a shape="rect" href="project-status.html" title="Project Status">Project Status</a></li><li><a shape="rect" href="roadmap.html" title="Roadmap">Roadmap</a></li><li><a shape="rect" href="mailing-lists.html" title="Mailing Lists">Mailing Lists</a></li><li><a shape="rect" class="external-link" href="http://issues.apache.org/jira/browse/CXF">Issue Reporting</a></li><li><a shape="rect" href="special-thanks.html" title="Special Thanks">Special Thanks</a></li><li><a shape="rect" class="external-link" href="http://www.apache.org/licenses/">License</a></li><li><a shape="rect" href="security-advisories.html" title="Security Advisories">Security Advisories</a></li></ul>
+
+
+<h3><a shape="rect" name="Navigation-Users"></a>Users</h3>
+
+<ul class="alternate" type="square"><li><a shape="rect" href="http://cxf.apache.org/docs/index.html">User's Guide</a></li><li><a shape="rect" href="support.html" title="Support">Support</a></li><li><a shape="rect" href="faq.html" title="FAQ">FAQ</a></li><li><a shape="rect" href="resources-and-articles.html" title="Resources and Articles">Resources and Articles</a></li></ul>
+
+
+<h3><a shape="rect" name="Navigation-Search"></a>Search</h3>
+
+<form enctype="application/x-www-form-urlencoded" method="get" id="cse-search-box" action="http://www.google.com/cse">
+ <div>
+ <input type="hidden" name="cx" value="002890367768291051730:o99qiwa09y4">
+ <input type="hidden" name="ie" value="UTF-8">
+ <input type="text" name="q" size="21">
+ <input type="submit" name="sa" value="Search">
+ </div>
+</form>
+<script type="text/javascript" src="http://www.google.com/cse/brand?form=cse-search-box&lang=en"></script>
+
+
+<h3><a shape="rect" name="Navigation-Developers"></a>Developers</h3>
+
+<ul class="alternate" type="square"><li><a shape="rect" href="http://cxf.apache.org/docs/cxf-architecture.html">Architecture Guide</a></li><li><a shape="rect" href="source-repository.html" title="Source Repository">Source Repository</a></li><li><a shape="rect" href="building.html" title="Building">Building</a></li><li><a shape="rect" href="automated-builds.html" title="Automated Builds">Automated Builds</a></li><li><a shape="rect" href="testing-debugging.html" title="Testing-Debugging">Testing-Debugging</a></li><li><a shape="rect" href="coding-guidelines.html" title="Coding Guidelines">Coding Guidelines</a></li><li><a shape="rect" href="getting-involved.html" title="Getting Involved">Getting Involved</a></li><li><a shape="rect" href="release-management.html" title="Release Management">Release Management</a></li></ul>
+
+
+<h3><a shape="rect" name="Navigation-Subprojects"></a>Subprojects</h3>
+
+<ul class="alternate" type="square"><li><a shape="rect" href="distributed-osgi.html" title="Distributed OSGi">Distributed OSGi</a></li><li><a shape="rect" href="xjc-utils.html" title="XJC Utils">XJC Utils</a></li><li><a shape="rect" href="build-utils.html" title="Build Utils">Build Utils</a></li></ul>
+
+
+<h3><a shape="rect" name="Navigation-ASF"></a><a shape="rect" class="external-link" href="http://www.apache.org">ASF</a></h3>
+
+<ul class="alternate" type="square"><li><a shape="rect" class="external-link" href="http://www.apache.org/foundation/how-it-works.html">How Apache Works</a></li><li><a shape="rect" class="external-link" href="http://www.apache.org/foundation/">Foundation</a></li><li><a shape="rect" class="external-link" href="http://www.apache.org/foundation/sponsorship.html">Sponsor Apache</a></li><li><a shape="rect" class="external-link" href="http://www.apache.org/foundation/thanks.html">Thanks</a></li><li><a shape="rect" class="external-link" href="http://www.apache.org/security/">Security</a></li></ul>
+</div>
+ <!-- NavigationBar -->
+ </div>
+ </div>
+ </div>
+ </div>
+ </td>
+ <td height="100%">
+ <!-- Content -->
+ <div class="wiki-content">
+<div id="ConfluenceContent"><p><img align="middle" class="emoticon" src="https://cwiki.apache.org/confluence/images/icons/emoticons/warning.gif" height="16" width="16" alt="" border="0"> Under construction</p>
+
+<h1><a shape="rect" name="FedizIDP-FedizIDP"></a>Fediz IDP</h1>
+
+<p>The Fediz Identity Provider (IDP) consists of two WAR files. One is the Security Token Service (STS) component which is responsible to validate credentials, getting the requested claims data and issues a SAML token. There is no easy way for Web browsers to issue SOAP requests to the STS directly. The second component is the IDP WAR which adapts the browser to the STS. The communication between the browser and the IDP must be performed within the confines of the base HTTP 1.1 functionality and conform as closely as possible to the WS-Trust protocols semantic.</p>
+
+<p>The Fediz STS is based on the CXF STS configured to support the use cases required by the examples.</p>
+
+<h3><a shape="rect" name="FedizIDP-Installation"></a>Installation</h3>
+
+<p>The Fediz IDP has been tested with Tomcat 6 and 7 but there are no reasons why it shouldn't work in any commercial application server.</p>
+
+<p>It's recommended to set up a dedicated Tomcat instance for the IDP. The Fediz examples use the following TCP ports to interact with the IDP/STS:</p>
+<ul><li>HTTP port: 9080 (used for maven deployment, mvn tomcat:redeploy)</li><li>HTTPS port: 9443 (where IDP and STS are accessed)</li></ul>
+
+
+<p>The Tomcat HTTP(s) configuration is done in conf/server.xml.</p>
+
+<p>This is a sample snippet for an HTTPS configuration:</p>
+
+<div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
+<pre class="code-xml">
+ <Connector port=<span class="code-quote">"9443"</span> protocol=<span class="code-quote">"HTTP/1.1"</span> SSLEnabled=<span class="code-quote">"true"</span>
+ maxThreads=<span class="code-quote">"150"</span> scheme=<span class="code-quote">"https"</span> secure=<span class="code-quote">"true"</span>
+ keystoreFile=<span class="code-quote">"tomcatKeystore.jks"</span>
+ keystorePass=<span class="code-quote">"tompass"</span> sslProtocol=<span class="code-quote">"TLS"</span> />
+</pre>
+</div></div>
+
+<p>The keystoreFile is relative to catalina home. See <a shape="rect" class="external-link" href="http://tomcat.apache.org/tomcat-7.0-doc/ssl-howto.html">here</a> for Tomcat 7 configuration reference. This page also describes how to create certificates.</p>
+
+<p><b>Production: It's highly recommended to deploy certificates signed by a Certificate Authority</b></p>
+
+<p>Deploy the WAR files to your Tomcat installation (<catalina.home>/webapps) and ensure that Tomcat is started thus the WAR files get deployed.</p>
+
+<h3><a shape="rect" name="FedizIDP-Configuration"></a>Configuration</h3>
+
+<p>You can manage the users, their claims and the claims per application in the IDP.</p>
+
+<h5><a shape="rect" name="FedizIDP-Userandpassword"></a>User and password</h5>
+
+<p>The users and passwords are configured in a spring configuration file in <tt>webapps/fediz-idp-sts/WEB-INF/passwords.xml</tt>. The following users are already configured and can easily be extended.</p>
+<div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
+<pre class="code-xml">
+ <span class="code-tag"><util:map id=<span class="code-quote">"passwords"</span>></span>
+ <entry key=<span class="code-quote">"alice"</span>
+ value=<span class="code-quote">"ecila"</span> />
+ <entry key=<span class="code-quote">"bob"</span>
+ value=<span class="code-quote">"bob"</span> />
+ <entry key=<span class="code-quote">"ted"</span>
+ value=<span class="code-quote">"det"</span> />
+ <span class="code-tag"></util:map></span>
+</pre>
+</div></div>
+
+<h5><a shape="rect" name="FedizIDP-UserClaims"></a>User Claims</h5>
+
+<p>The claims of each user are configured in a spring configuration file <tt>webapps/fediz-idp-sts/WEB-INF/userClaims.xml</tt>. The following claims are already configured:</p>
+<div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
+<pre class="code-xml">
+ <span class="code-tag"><util:map id=<span class="code-quote">"userClaims"</span>></span>
+ <entry key=<span class="code-quote">"alice"</span>
+ value-ref=<span class="code-quote">"aliceClaims"</span> />
+ <entry key=<span class="code-quote">"bob"</span>
+ value-ref=<span class="code-quote">"bobClaims"</span> />
+ <entry key=<span class="code-quote">"ted"</span>
+ value-ref=<span class="code-quote">"tedClaims"</span> />
+ <span class="code-tag"></util:map></span>
+
+ <span class="code-tag"><util:map id=<span class="code-quote">"aliceClaims"</span>></span>
+ <entry key=<span class="code-quote">"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname"</span>
+ value=<span class="code-quote">"Alice"</span> />
+ <entry key=<span class="code-quote">"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname"</span>
+ value=<span class="code-quote">"Smith"</span> />
+ <entry key=<span class="code-quote">"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"</span>
+ value=<span class="code-quote">"alice@mycompany.org"</span> />
+ <entry key=<span class="code-quote">"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/role"</span>
+ value=<span class="code-quote">"user"</span> />
+
+ <span class="code-tag"></util:map></span>
+</pre>
+</div></div>
+
+<p>The claim id's are configured according to chapter 7.5 in the specification <a shape="rect" class="external-link" href="http://docs.oasis-open.org/imi/identity/v1.0/identity.html" rel="nofollow">Identity Metasystem Interoperability</a>. The mapping of claims to a SAML attribute statement are described in chapter 7.2.</p>
+
+<h5><a shape="rect" name="FedizIDP-Applicationclaims"></a>Application claims</h5>
+
+
+<p>The required claims per relying party are configured in the <tt>webapps/fediz-idp/WEB-INF/RPClaims.xml</tt>. The XML file has the following structure:</p>
+
+<div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
+<pre class="code-xml">
+ <span class="code-tag"><util:map id=<span class="code-quote">"realm2ClaimsMap"</span>></span>
+ <entry key=<span class="code-quote">"https://localhost:8443/fedizhelloworld/"</span>
+ value-ref=<span class="code-quote">"claimsWsfedhelloworld"</span> />
+ <span class="code-tag"></util:map></span>
+
+ <span class="code-tag"><util:list id=<span class="code-quote">"claimsWsfedhelloworld"</span>></span>
+ <span class="code-tag"><value></span>http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname<span class="code-tag"></value></span>
+ <span class="code-tag"><value></span>http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname<span class="code-tag"></value></span>
+ <span class="code-tag"><value></span>http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress<span class="code-tag"></value></span>
+ <span class="code-tag"><value></span>http://schemas.xmlsoap.org/ws/2005/05/identity/claims/role<span class="code-tag"></value></span>
+ <span class="code-tag"></util:list></span>
+</pre>
+</div></div>
+
+<p>The key of each map entry must match with the <tt>wtrealm</tt> paramater in the redirect triggered by the relying party. The required claims for the different type of applications are grouped in beans which are a list of String as illustrated in <tt>claimsWsfedhelloworld</tt>.</p>
+
+<p>The bean <tt>realm2ClaimsMap</tt> must be named realm2ClaimsMap and maps the different Relying Parties (applications) to one of the claim lists. This map is required to manage which claims are required for the applications.</p>
+
+<p>The JIRA issue <a shape="rect" class="external-link" href="https://issues.apache.org/jira/browse/FEDIZ-1">FEDIZ-1</a> will provide another option to manage the required claims on the Relying Party side.</p>
+
+
+
+<h3><a shape="rect" name="FedizIDP-ConfigureLDAPdirectory"></a>Configure LDAP directory</h3>
+
+<p>The Fediz IDP can be configured to attach an LDAP directory to authenticate users and to retrieve claims information of users.</p>
+
+<h5><a shape="rect" name="FedizIDP-Usernameandpasswordauthentication"></a>Username and password authentication</h5>
+
+<p>WSS4J supports username/password authentication using JAAS. The JDK provides a JAAS LoginModule for LDAP which can be configured as illustrated here in a sample jaas configuration (jaas.config):</p>
+
+<div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
+<pre class="code-java">
+myldap {
+ com.sun.security.auth.module.LdapLoginModule REQUIRED
+ userProvider=ldap:<span class="code-comment">//ldap.mycompany.org:389/OU=Users,DC=mycompany,DC=org"
+</span> authIdentity=<span class="code-quote">"cn={USERNAME},OU=Users,DC=mycompany,DC=org"</span>
+ useSSL=<span class="code-keyword">false</span>
+ debug=<span class="code-keyword">true</span>;
+};
+</pre>
+</div></div>
+
+<p>You can get more information about this LoginModule <a shape="rect" class="external-link" href="http://download.oracle.com/javase/6/docs/jre/api/security/jaas/spec/com/sun/security/auth/module/LdapLoginModule.html" rel="nofollow">here</a>.</p>
+
+<p>In this example, all the users are stored in the organization unit Users within mycompany.org. The configuration filename can be chosen, e.g. <tt>jaas.config</tt>. The filename must be configured as a JVM argument. JVM related configurations for Tomcat can be done in the file <tt>setenv.sh/bat</tt> located in directory <tt>tomcat/bin</tt>. This script is called implicitly by <tt>catalina.bat/sh</tt> and might look like this for UNIX:</p>
+
+<div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
+<pre class="code-java">
+#!/bin/sh
+JAVA_OPTS=<span class="code-quote">"-Djava.security.auth.login.config=/opt/tomcat/conf/jaas.config"</span>
+export JAVA_OPTS
+</pre>
+</div></div>
+
+<p>Next, the STS endpoint has to be configured to use the JAAS LoginModule which is acomplished by the <tt>JAASUsernameTokenValidator</tt>.</p>
+
+<div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
+<pre class="code-xml">
+<bean
+ class=<span class="code-quote">"org.apache.ws.security.validate.JAASUsernameTokenValidator"</span>
+ id=<span class="code-quote">"jaasUTValidator"</span>>
+ <span class="code-tag"><property name=<span class="code-quote">"contextName"</span> value=<span class="code-quote">"myldap"</span>/></span>
+<span class="code-tag"></bean></span>
+
+<jaxws:endpoint id=<span class="code-quote">"transportSTSUT"</span>
+ endpointName=<span class="code-quote">"ns1:TransportUT_Port"</span>
+ serviceName=<span class="code-quote">"ns1:SecurityTokenService"</span>
+ <span class="code-keyword">xmlns:ns1</span>=http://docs.oasis-open.org/ws-sx/ws-trust/200512/
+ wsdlLocation=<span class="code-quote">"/WEB-INF/wsdl/ws-trust-1.4-service.wsdl"</span>
+ address=<span class="code-quote">"/STSServiceTransportUT"</span>
+ implementor=<span class="code-quote">"#transportSTSProviderBean"</span>>
+
+ <span class="code-tag"><jaxws:properties></span>
+ <entry key=<span class="code-quote">"ws-security.ut.validator"</span>
+ value-ref=<span class="code-quote">"jaasUTValidator"</span>/>
+ <span class="code-tag"></jaxws:properties></span>
+<span class="code-tag"></jaxws:endpoint></span>
+</pre>
+</div></div>
+
+<p>The property <tt>contextName</tt> must match with the context name defined in the JAAS configuration file which is <tt>myldap</tt> in this example.</p>
+
+<h5><a shape="rect" name="FedizIDP-Claimsmanagement"></a>Claims management</h5>
+
+<p>When a STS client (IDP) requests a claim, the ClaimsManager in the STS checks every registered ClaimsHandler who can provide the data of the requested claim. The CXF STS provides <tt>org.apache.cxf.sts.claims.LdapClaimsHandler</tt> which is a claims handler implementation to get claims from user attributes in a LDAP directory.</p>
+
+<p>You configure which claim URI maps to which LDAP user attribute. The implementation uses the Spring Ldap Module (LdapTemplate).</p>
+
+<p>The following example illustrate the changes to be made in <tt>webapps/fediz-idp-sts/WEB-INF/cxf-transport.xml</tt>:</p>
+
+<div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
+<pre class="code-xml">
+<span class="code-tag"><util:list id=<span class="code-quote">"claimHandlerList"</span>></span>
+ <span class="code-tag"><ref bean=<span class="code-quote">"ldapClaimsHandler"</span> /></span>
+<span class="code-tag"></util:list></span>
+
+<bean id=<span class="code-quote">"contextSource"</span>
+ class=<span class="code-quote">"org.springframework.ldap.core.support.LdapContextSource"</span>>
+ <span class="code-tag"><property name=<span class="code-quote">"url"</span> value=<span class="code-quote">"ldap://ldap.mycompany.org:389"</span> /></span>
+ <property name=<span class="code-quote">"userDn"</span>
+ value=<span class="code-quote">"CN=techUser,OU=Users,DC=mycompany,DC=org"</span> />
+ <span class="code-tag"><property name=<span class="code-quote">"password"</span> value=<span class="code-quote">"mypassword"</span> /></span>
+<span class="code-tag"></bean></span>
+
+<bean id=<span class="code-quote">"ldapTemplate"</span>
+ class=<span class="code-quote">"org.springframework.ldap.core.LdapTemplate"</span>>
+ <span class="code-tag"><constructor-arg ref=<span class="code-quote">"contextSource"</span> /></span>
+<span class="code-tag"></bean></span>
+
+<span class="code-tag"><util:map id=<span class="code-quote">"claimsToLdapAttributeMapping"</span>></span>
+ <entry
+key=<span class="code-quote">"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname"</span>
+value=<span class="code-quote">"givenName"</span> />
+ <entry key=<span class="code-quote">"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname"</span>
+value=<span class="code-quote">"sn"</span> />
+ <entry
+key=<span class="code-quote">"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"</span>
+value=<span class="code-quote">"mail"</span> />
+ <entry key=<span class="code-quote">"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/country"</span>
+value=<span class="code-quote">"c"</span> />
+<span class="code-tag"></util:map></span>
+
+<bean id=<span class="code-quote">"ldapClaimsHandler"</span>
+ class=<span class="code-quote">"org.apache.cxf.sts.claims.LdapClaimsHandler"</span>>
+ <span class="code-tag"><property name=<span class="code-quote">"ldapTemplate"</span> ref=<span class="code-quote">"ldapTemplate"</span> /></span>
+ <property name=<span class="code-quote">"claimsLdapAttributeMapping"</span>
+ ref=<span class="code-quote">"claimsToLdapAttributeMapping"</span> />
+ <property name=<span class="code-quote">"userBaseDN"</span>
+ value=<span class="code-quote">"OU=Users,DC=mycompany,DC=org"</span> />
+<span class="code-tag"></bean></span>
+</pre>
+</div></div>
+
+<h3><a shape="rect" name="FedizIDP-ConfigureCAcertificates"></a>Configure CA certificates</h3>
+
+<p>tbd</p></div>
+ </div>
+ <!-- Content -->
+ </td>
+ </tr>
+ </table>
+ </td>
+ <td id="cell-2-2" colspan="2"> </td>
+ </tr>
+ <tr>
+ <td id="cell-3-0"> </td>
+ <td id="cell-3-1"> </td>
+ <td id="cell-3-2">
+ <div id="footer">
+ <!-- Footer -->
+ <div id="site-footer">
+ <a href="http://cxf.apache.org/privacy-policy.html">Privacy Policy</a> -
+ (<a href="https://cwiki.apache.org/confluence/pages/editpage.action?pageId=27846949">edit page</a>)
+ (<a href="https://cwiki.apache.org/confluence/display/CXF/Fediz+IDP?showComments=true&showCommentArea=true#addcomment">add comment</a>)<br>
+ Apache CXF, CXF, Apache, the Apache feather logo are trademarks of The Apache Software Foundation.<br>
+ All other marks mentioned may be trademarks or registered trademarks of their respective owners.
+ </div>
+ <!-- Footer -->
+ </div>
+ </td>
+ <td id="cell-3-3"> </td>
+ <td id="cell-3-4"> </td>
+ </tr>
+ <tr>
+ <td id="cell-4-0" colspan="2"> </td>
+ <td id="cell-4-1"> </td>
+ <td id="cell-4-2" colspan="2"> </td>
+ </tr>
+</table>
+
+<script type="text/javascript">
+var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www.");
+document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));
+</script>
+<script type="text/javascript">
+try {
+var pageTracker = _gat._getTracker("UA-4458903-1");
+pageTracker._trackPageview();
+} catch(err) {}</script>
+
+</body>
+</html>
+
Added: websites/production/cxf/content/fediz-tomcat.html
==============================================================================
--- websites/production/cxf/content/fediz-tomcat.html (added)
+++ websites/production/cxf/content/fediz-tomcat.html Tue May 15 16:48:08 2012
@@ -0,0 +1,246 @@
+
+<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<!--
+
+ Licensed to the Apache Software Foundation (ASF) under one or more
+ contributor license agreements. See the NOTICE file distributed with
+ this work for additional information regarding copyright ownership.
+ The ASF licenses this file to You under the Apache License, Version 2.0
+ (the "License"); you may not use this file except in compliance with
+ the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+-->
+<html>
+ <head>
+ <link type="text/css" rel="stylesheet" href="http://cxf.apache.org/resources/site.css">
+ <script src="http://cxf.apache.org/resources/space.js" type="text/javascript"></script>
+
+<meta http-equiv="Content-type" content="text/html;charset=UTF-8">
+<meta name="keywords" content="business integration, EAI, SOA, Service Oriented Architecture, web services, SOAP, JBI, JMS, WSDL, XML, EDI, Electronic Data Interchange, standards support, integration standards, application integration, middleware, software, solutions, services, CXF, open source">
+<meta name="description" content="Apache CXF, Services Framework - Fediz Tomcat">
+ <title>
+Apache CXF -- Fediz Tomcat
+ </title>
+ </head>
+<body onload="init()">
+
+
+<table width="100%" cellpadding="0" cellspacing="0">
+ <tr>
+ <td id="cell-0-0" colspan="2"> </td>
+ <td id="cell-0-1"> </td>
+ <td id="cell-0-2" colspan="2"> </td>
+ </tr>
+ <tr>
+ <td id="cell-1-0"> </td>
+ <td id="cell-1-1"> </td>
+ <td id="cell-1-2">
+ <div style="padding: 5px;">
+ <div id="banner">
+ <!-- Banner -->
+<div id="banner-content">
+<table border="0" cellpadding="0" cellspacing="0" width="100%"><tr><td align="left" colspan="1" nowrap>
+<a shape="rect" href="http://cxf.apache.org/" title="Apache CXF"><span style="font-weight: bold; font-size: 170%; color: white">Apache CXF</span></a>
+</td><td align="right" colspan="1" nowrap>
+<a shape="rect" href="http://www.apache.org/" title="The Apache Software Foundation"><img border="0" alt="ASF Logo" src="http://cxf.apache.org/images/asf-logo.png"></a>
+</td></tr></table>
+</div>
+ <!-- Banner -->
+ </div>
+ </div>
+ <div id="top-menu">
+ <table border="0" cellpadding="1" cellspacing="0" width="100%">
+ <tr>
+ <td>
+ <div align="left">
+ <!-- Breadcrumbs -->
+<a href="index.html">Index</a> > <a href="fediz.html">Fediz</a> > <a href="fediz-tomcat.html">Fediz Tomcat</a>
+ <!-- Breadcrumbs -->
+ </div>
+ </td>
+ <td>
+ <div align="right">
+ <!-- Quicklinks -->
+<div id="quicklinks"><p><a shape="rect" href="download.html" title="Download">Download</a> | <a shape="rect" href="http://cxf.apache.org/docs/index.html">Documentation</a></p></div>
+ <!-- Quicklinks -->
+ </div>
+ </td>
+ </tr>
+ </table>
+ </div>
+ </td>
+ <td id="cell-1-3"> </td>
+ <td id="cell-1-4"> </td>
+ </tr>
+ <tr>
+ <td id="cell-2-0" colspan="2"> </td>
+ <td id="cell-2-1">
+ <table>
+ <tr valign="top">
+ <td height="100%">
+ <div id="wrapper-menu-page-right">
+ <div id="wrapper-menu-page-top">
+ <div id="wrapper-menu-page-bottom">
+ <div id="menu-page">
+ <!-- NavigationBar -->
+<div id="navigation"><h3><a shape="rect" name="Navigation-ApacheCXFIndex"></a><a shape="rect" href="index.html" title="Index">Apache CXF</a></h3>
+
+<ul class="alternate" type="square"><li><a shape="rect" href="index.html" title="Index">Home</a></li><li><a shape="rect" href="download.html" title="Download">Download</a></li><li><a shape="rect" href="people.html" title="People">People</a></li><li><a shape="rect" href="project-status.html" title="Project Status">Project Status</a></li><li><a shape="rect" href="roadmap.html" title="Roadmap">Roadmap</a></li><li><a shape="rect" href="mailing-lists.html" title="Mailing Lists">Mailing Lists</a></li><li><a shape="rect" class="external-link" href="http://issues.apache.org/jira/browse/CXF">Issue Reporting</a></li><li><a shape="rect" href="special-thanks.html" title="Special Thanks">Special Thanks</a></li><li><a shape="rect" class="external-link" href="http://www.apache.org/licenses/">License</a></li><li><a shape="rect" href="security-advisories.html" title="Security Advisories">Security Advisories</a></li></ul>
+
+
+<h3><a shape="rect" name="Navigation-Users"></a>Users</h3>
+
+<ul class="alternate" type="square"><li><a shape="rect" href="http://cxf.apache.org/docs/index.html">User's Guide</a></li><li><a shape="rect" href="support.html" title="Support">Support</a></li><li><a shape="rect" href="faq.html" title="FAQ">FAQ</a></li><li><a shape="rect" href="resources-and-articles.html" title="Resources and Articles">Resources and Articles</a></li></ul>
+
+
+<h3><a shape="rect" name="Navigation-Search"></a>Search</h3>
+
+<form enctype="application/x-www-form-urlencoded" method="get" id="cse-search-box" action="http://www.google.com/cse">
+ <div>
+ <input type="hidden" name="cx" value="002890367768291051730:o99qiwa09y4">
+ <input type="hidden" name="ie" value="UTF-8">
+ <input type="text" name="q" size="21">
+ <input type="submit" name="sa" value="Search">
+ </div>
+</form>
+<script type="text/javascript" src="http://www.google.com/cse/brand?form=cse-search-box&lang=en"></script>
+
+
+<h3><a shape="rect" name="Navigation-Developers"></a>Developers</h3>
+
+<ul class="alternate" type="square"><li><a shape="rect" href="http://cxf.apache.org/docs/cxf-architecture.html">Architecture Guide</a></li><li><a shape="rect" href="source-repository.html" title="Source Repository">Source Repository</a></li><li><a shape="rect" href="building.html" title="Building">Building</a></li><li><a shape="rect" href="automated-builds.html" title="Automated Builds">Automated Builds</a></li><li><a shape="rect" href="testing-debugging.html" title="Testing-Debugging">Testing-Debugging</a></li><li><a shape="rect" href="coding-guidelines.html" title="Coding Guidelines">Coding Guidelines</a></li><li><a shape="rect" href="getting-involved.html" title="Getting Involved">Getting Involved</a></li><li><a shape="rect" href="release-management.html" title="Release Management">Release Management</a></li></ul>
+
+
+<h3><a shape="rect" name="Navigation-Subprojects"></a>Subprojects</h3>
+
+<ul class="alternate" type="square"><li><a shape="rect" href="distributed-osgi.html" title="Distributed OSGi">Distributed OSGi</a></li><li><a shape="rect" href="xjc-utils.html" title="XJC Utils">XJC Utils</a></li><li><a shape="rect" href="build-utils.html" title="Build Utils">Build Utils</a></li></ul>
+
+
+<h3><a shape="rect" name="Navigation-ASF"></a><a shape="rect" class="external-link" href="http://www.apache.org">ASF</a></h3>
+
+<ul class="alternate" type="square"><li><a shape="rect" class="external-link" href="http://www.apache.org/foundation/how-it-works.html">How Apache Works</a></li><li><a shape="rect" class="external-link" href="http://www.apache.org/foundation/">Foundation</a></li><li><a shape="rect" class="external-link" href="http://www.apache.org/foundation/sponsorship.html">Sponsor Apache</a></li><li><a shape="rect" class="external-link" href="http://www.apache.org/foundation/thanks.html">Thanks</a></li><li><a shape="rect" class="external-link" href="http://www.apache.org/security/">Security</a></li></ul>
+</div>
+ <!-- NavigationBar -->
+ </div>
+ </div>
+ </div>
+ </div>
+ </td>
+ <td height="100%">
+ <!-- Content -->
+ <div class="wiki-content">
+<div id="ConfluenceContent"><p><img align="middle" class="emoticon" src="https://cwiki.apache.org/confluence/images/icons/emoticons/warning.gif" height="16" width="16" alt="" border="0"> Under construction</p>
+
+<h1><a shape="rect" name="FedizTomcat-TomcatPlugin"></a>Tomcat Plugin</h1>
+<p>This page describes how to enable Federation in Tomcat. This Tomcat instance acts as the Relying Party which means it validates the incoming SignInResponse which has been created by the Identity Provider (IDP) server.</p>
+
+<h3><a shape="rect" name="FedizTomcat-Installation"></a>Installation</h3>
+
+<p>You can either build the plugin on your own or download the package here (tbd). If you have built the plugin on your own you'll find the required libraries in plugins/tomcat/target/...zip-with-dependencies.zip</p>
+
+
+<ol><li>Create sub-directory <tt>fediz</tt> in <tt>${catalina.home}/lib</tt></li><li>Update calatina.properties in ${catalina.home}/conf<br clear="none">
+add the previously created directory to the common loader:<br clear="none">
+<tt>common.loader=${catalina.base}/lib,${catalina.base}/lib/*.jar,${catalina.home}/lib,${catalina.home}/lib/*.jar,${catalina.home}/lib/fediz/*.jar</tt></li><li>Deploy the libraries to the directory created in (1)</li></ol>
+
+
+
+<h3><a shape="rect" name="FedizTomcat-Configuration"></a>Configuration</h3>
+
+<p>The Fediz related configuration is Container independent and described <a shape="rect" href="fediz-configuration.html" title="Fediz Configuration">here</a>.</p>
+
+<p>The Fediz plugin requires to configure the FederationAuthenticator like any other Valve in Tomcat which is described here <a shape="rect" class="external-link" href="http://tomcat.apache.org/tomcat-7.0-doc/config/valve.html">here</a>.</p>
+
+<p>A valve can be configured on different levels like <em>Host</em> or <em>Context</em>. The Fediz configuration file allows to configure all servlet contexts in one file or choose one file per Servlet Context. If you choose to have one Fediz configuration file per Servlet Context then you must configure the FederationAuthenticator on the <em>Context</em> level otherwise on the <em>Host</em> level in the Tomcat configuration file <em>server.xml</em></p>
+
+
+<p>You can either configure the context in the server.xml or in META-INF/context.xml as part of your WAR file.</p>
+
+<h5><a shape="rect" name="FedizTomcat-METAINF%2Fcontext.xml"></a>META-INF/context.xml</h5>
+<div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
+<pre class="code-xml">
+ <span class="code-tag"><Context></span>
+ <Valve className=<span class="code-quote">"org.apache.cxf.fediz.tomcat.FederationAuthenticator"</span>
+ configFile=<span class="code-quote">"conf/Fediz_config.xml"</span> />
+ <span class="code-tag"></Context></span>
+</pre>
+</div></div>
+
+<h5><a shape="rect" name="FedizTomcat-Hostlevelinserver.xml"></a>Host level in server.xml</h5>
+<div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
+<pre class="code-xml">
+ <Host name=<span class="code-quote">"localhost"</span> appBase=<span class="code-quote">"webapps"</span>
+ unpackWARs=<span class="code-quote">"true"</span> autoDeploy=<span class="code-quote">"true"</span>>
+ <Valve className=<span class="code-quote">"org.apache.cxf.fediz.tomcat.FederationAuthenticator"</span>
+ configFile=<span class="code-quote">"conf/Fediz_config.xml"</span> />
+ <span class="code-tag"></Host></span>
+</pre>
+</div></div>
+
+<h5><a shape="rect" name="FedizTomcat-Contextlevelinserver.xml"></a>Context level in server.xml</h5>
+<div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
+<pre class="code-xml">
+ <span class="code-tag"><Context path=<span class="code-quote">"/fedizhelloworld"</span> docBase=<span class="code-quote">"fedizhelloworld"</span>></span>
+ <Valve className=<span class="code-quote">"org.apache.cxf.fediz.tomcat.FederationAuthenticator"</span>
+ configFile=<span class="code-quote">"conf/Fediz_config.xml"</span> />
+ <span class="code-tag"></Context></span>
+</pre>
+</div></div>
+
+<p>The Fediz configuration file is container independent and described here.</p>
+
+</div>
+ </div>
+ <!-- Content -->
+ </td>
+ </tr>
+ </table>
+ </td>
+ <td id="cell-2-2" colspan="2"> </td>
+ </tr>
+ <tr>
+ <td id="cell-3-0"> </td>
+ <td id="cell-3-1"> </td>
+ <td id="cell-3-2">
+ <div id="footer">
+ <!-- Footer -->
+ <div id="site-footer">
+ <a href="http://cxf.apache.org/privacy-policy.html">Privacy Policy</a> -
+ (<a href="https://cwiki.apache.org/confluence/pages/editpage.action?pageId=27846677">edit page</a>)
+ (<a href="https://cwiki.apache.org/confluence/display/CXF/Fediz+Tomcat?showComments=true&showCommentArea=true#addcomment">add comment</a>)<br>
+ Apache CXF, CXF, Apache, the Apache feather logo are trademarks of The Apache Software Foundation.<br>
+ All other marks mentioned may be trademarks or registered trademarks of their respective owners.
+ </div>
+ <!-- Footer -->
+ </div>
+ </td>
+ <td id="cell-3-3"> </td>
+ <td id="cell-3-4"> </td>
+ </tr>
+ <tr>
+ <td id="cell-4-0" colspan="2"> </td>
+ <td id="cell-4-1"> </td>
+ <td id="cell-4-2" colspan="2"> </td>
+ </tr>
+</table>
+
+<script type="text/javascript">
+var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www.");
+document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));
+</script>
+<script type="text/javascript">
+try {
+var pageTracker = _gat._getTracker("UA-4458903-1");
+pageTracker._trackPageview();
+} catch(err) {}</script>
+
+</body>
+</html>
+
Modified: websites/production/cxf/content/fediz.html
==============================================================================
--- websites/production/cxf/content/fediz.html (original)
+++ websites/production/cxf/content/fediz.html Tue May 15 16:48:08 2012
@@ -173,17 +173,14 @@ The RP is the web application which shou
<h3><a shape="rect" name="Fediz-SettinguptheIDP"></a>Setting up the IDP</h3>
-<p>The following blog entries describe how to set up the IDP:</p>
-
-<p><a shape="rect" class="external-link" href="http://owulff.blogspot.com/2011/10/configure-and-deploy-cxf-25-sts-part-i.html" rel="nofollow">STS WAR</a><br clear="none">
-<a shape="rect" class="external-link" href="http://owulff.blogspot.com/2011/10/configure-and-deploy-identity-provider.html" rel="nofollow">IDP WAR</a></p>
+<p>The installation and configuration of the IDP is documented <a shape="rect" href="fediz-idp.html" title="Fediz IDP">here</a></p>
<h3><a shape="rect" name="Fediz-SetuptheRelyingPartyContainer"></a>Set up the Relying Party Container</h3>
<p>The Fediz plugin is deployed into the Relying Party (RP) container. The security mechanism is not specified by JEE. Even it is very similar in each Servlet Container there are some differences which requires dedicated Fediz plugins for each Servlet Container implementation. Most of the configuration is container independent and described <a shape="rect" href="fediz-configuration.html" title="Fediz Configuration">here</a></p>
<p>The following lists shows the supported containers and the location of the installation and configuration page.</p>
-<ul><li><a shape="rect" href="tomcat.html" title="Tomcat">Tomcat 7 </a></li></ul>
+<ul><li><a shape="rect" href="fediz-tomcat.html" title="Fediz Tomcat">Tomcat 7 </a></li></ul>