You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by bu...@apache.org on 2013/11/10 21:48:10 UTC
svn commit: r886083 - in /websites/production/cxf/content: cache/main.pageCache fediz-configuration.html fediz-cxf.html fediz-downloads.html fediz-extensions.html fediz-idp-11.html fediz-jetty.html fediz-spring-2.html fediz-spring.html fediz.html

Author: buildbot
Date: Sun Nov 10 20:48:09 2013
New Revision: 886083

Log:
Production update by buildbot for cxf

Modified:
    websites/production/cxf/content/cache/main.pageCache
    websites/production/cxf/content/fediz-configuration.html
    websites/production/cxf/content/fediz-cxf.html
    websites/production/cxf/content/fediz-downloads.html
    websites/production/cxf/content/fediz-extensions.html
    websites/production/cxf/content/fediz-idp-11.html
    websites/production/cxf/content/fediz-jetty.html
    websites/production/cxf/content/fediz-spring-2.html
    websites/production/cxf/content/fediz-spring.html
    websites/production/cxf/content/fediz.html

Modified: websites/production/cxf/content/cache/main.pageCache
==============================================================================
Binary files - no diff available.

Modified: websites/production/cxf/content/fediz-configuration.html
==============================================================================
--- websites/production/cxf/content/fediz-configuration.html (original)
+++ websites/production/cxf/content/fediz-configuration.html Sun Nov 10 20:48:09 2013
@@ -166,7 +166,7 @@ Apache CXF -- Fediz Configuration
             &lt;/trustManager&gt;
         &lt;/certificateStores&gt;
         &lt;trustedIssuers&gt;
-            &lt;issuer name="issuer 1" certificateValidation="ChainTrust" subject=".*CN=www.sts.com.*" /&gt;
+            &lt;issuer certificateValidation="PeerTrust" /&gt;
         &lt;/trustedIssuers&gt;
         &lt;protocol xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="federationProtocolType" version="1.2"&gt;
             &lt;issuer&gt;https://localhost:9443/fediz-idp/&lt;/issuer&gt;
@@ -210,7 +210,7 @@ See example <a shape="rect" class="exter
 <h5><a shape="rect" name="FedizConfiguration-Attributesresolvedatruntime"></a>Attributes resolved at runtime</h5>
 
 <p>The following attributes can be either configured statically at deployment time or dynamically when the initial request is received:</p>
-<ul><li>authenticationType</li><li>homeRealm</li><li>issuer</li></ul>
+<ul><li>authenticationType</li><li>homeRealm</li><li>issuer</li><li>realm</li></ul>
 
 
 <p>These configuration elements allows for configuring a CallbackHandler which gets a Callback object where the appropriate value must be set. The CallbackHandler implementation has access to the HttpServletRequest. The XML attribute <tt>type</tt> must be set to <tt>Class</tt>.</p>
@@ -236,7 +236,7 @@ See example <a shape="rect" class="exter
         &lt;/certificateStores&gt;
         &lt;maximumClockSkew&gt;10&lt;/maximumClockSkew&gt;
         &lt;trustedIssuers&gt;
-            &lt;issuer name="issuer 1" certificateValidation="ChainTrust" subject=".*CN=www.sts.com.*" /&gt;
+            &lt;issuer certificateValidation="PeerTrust" /&gt;
         &lt;/trustedIssuers&gt;
         &lt;signingKey keyPassword="tompass"&gt;
             &lt;keyStore file="tomcatKeystore.jks" password="tompass" type="JKS" /&gt;

Modified: websites/production/cxf/content/fediz-cxf.html
==============================================================================
--- websites/production/cxf/content/fediz-cxf.html (original)
+++ websites/production/cxf/content/fediz-cxf.html Sun Nov 10 20:48:09 2013
@@ -145,7 +145,7 @@ Apache CXF -- Fediz CXF
          <td height="100%">
            <!-- Content -->
            <div class="wiki-content">
-<div id="ConfluenceContent"><h1><a shape="rect" name="FedizCXF-CXFPlugin%281.1SNAPSHOT%29"></a>CXF Plugin (1.1 SNAPSHOT)</h1>
+<div id="ConfluenceContent"><h1><a shape="rect" name="FedizCXF-CXFPlugin%281.1%29"></a>CXF Plugin (1.1)</h1>
 <p>The subproject Fediz purpose is to provide Single Sign On for Web Applications which is independent of an underlying Web Services framework like Apache CXF. The Fediz plugins for Tomcat, Jetty, etc. are independent of Apache CXF, whereas the Fediz IDP leverages the capabilities of the CXF STS to issue SAML tokens with Claims information to build applications which use Claims Based Authorization with all the benefits.</p>
 
 <p>If the Fediz protected web application integrates with another application using Web Services you need to bundle a Web Services framework like Apache CXF with your web application. If it is required to support impersonation to call the Web Service, the security context of the application server must be delegated to the Web Services stack thus it can make the Web Service call on behalf of the browser user.</p>

Modified: websites/production/cxf/content/fediz-downloads.html
==============================================================================
--- websites/production/cxf/content/fediz-downloads.html (original)
+++ websites/production/cxf/content/fediz-downloads.html Sun Nov 10 20:48:09 2013
@@ -147,8 +147,7 @@ Apache CXF -- Fediz Downloads
 <div id="ConfluenceContent"><h1><a shape="rect" name="FedizDownloads-Releases"></a>Releases</h1>
 
 <h2><a shape="rect" name="FedizDownloads-1.1.0"></a>1.1.0</h2>
-<p>The 1.1.0 release is our latest release. For more information please see the <a shape="rect" class="external-link" href="http://svn.apache.org/viewvc/cxf/fediz/tags/fediz-1.1.0/release_notes.txt?view=markup">release notes</a>.</p>
-
+<p>The 1.1.0 release is our latest release. For more information please see the <a shape="rect" class="external-link" href="http://svn.apache.org/viewvc/cxf/fediz/tags/fediz-1.1.0/release_notes.txt?view=markup">release notes</a> and the <a shape="rect" href="migration-guide-11.html" title="Migration Guide 1.1">migration guide</a>.</p>
 <div class="table-wrap">
 <table class="confluenceTable"><tbody><tr><th colspan="1" rowspan="1" class="confluenceTh">Description</th><th colspan="1" rowspan="1" class="confluenceTh">File</th><th colspan="1" rowspan="1" class="confluenceTh">MD5</th><th colspan="1" rowspan="1" class="confluenceTh">SHA1</th><th colspan="1" rowspan="1" class="confluenceTh">PGP</th></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">Binary distribution</td><td colspan="1" rowspan="1" class="confluenceTd"><a shape="rect" class="external-link" href="http://www.apache.org/dyn/closer.cgi?path=/cxf/fediz/1.1.0/apache-fediz-1.1.0.zip">apache-fediz-1.1.0.zip</a></td><td colspan="1" rowspan="1" class="confluenceTd"><a shape="rect" class="external-link" href="http://www.apache.org/dist/cxf/fediz/1.1.0/apache-fediz-1.1.0.zip.md5">apache-fediz-1.1.0.zip.md5</a></td><td colspan="1" rowspan="1" class="confluenceTd"><a shape="rect" class="external-link" href="http://www.apache.org/dist/cxf/fediz/1.1.0/apache-fediz-1.1.0.zip.sha1">apache-
 fediz-1.1.0.zip.sha1</a></td><td colspan="1" rowspan="1" class="confluenceTd"><a shape="rect" class="external-link" href="http://www.apache.org/dist/cxf/fediz/1.1.0/apache-fediz-1.1.0.zip.asc">apache-fediz-1.1.0.zip.asc</a></td></tr><tr><td></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">Source distribution</td><td colspan="1" rowspan="1" class="confluenceTd"><a shape="rect" class="external-link" href="http://www.apache.org/dyn/closer.cgi?path=/cxf/fediz/1.1.0/fediz-1.1.0-source-release.zip">fediz-1.1.0-source-release.zip</a></td><td colspan="1" rowspan="1" class="confluenceTd"><a shape="rect" class="external-link" href="http://www.apache.org/dist/cxf/fediz/1.1.0/fediz-1.1.0-source-release.zip.md5">fediz-1.1.0-source-release.zip.md5</a></td><td colspan="1" rowspan="1" class="confluenceTd"><a shape="rect" class="external-link" href="http://www.apache.org/dist/cxf/fediz/1.1.0/fediz-1.1.0-source-release.zip.sha1">fediz-1.1.0-source-release.zip.sha1</a></td><td colspan="1
 " rowspan="1" class="confluenceTd"><a shape="rect" class="external-link" href="http://www.apache.org/dist/cxf/fediz/1.1.0/fediz-1.1.rce-release.zip.asc">fediz-1.1.0-source-release.zip.asc</a></td></tr><tr><td></td></tr></tbody></table>
 </div>

Modified: websites/production/cxf/content/fediz-extensions.html
==============================================================================
--- websites/production/cxf/content/fediz-extensions.html (original)
+++ websites/production/cxf/content/fediz-extensions.html Sun Nov 10 20:48:09 2013
@@ -154,7 +154,7 @@ Apache CXF -- Fediz Extensions
 <p>The following table gives an overview of the parameters which can be resolved at runtime. It contains the XML element name of the Fediz configuration file, the query parameter name of the sign-in request to the IDP as well as the Callback class.</p>
 
 <div class="table-wrap">
-<table class="confluenceTable"><tbody><tr><th colspan="1" rowspan="1" class="confluenceTh">XML element </th><th colspan="1" rowspan="1" class="confluenceTh">Query parameter </th><th colspan="1" rowspan="1" class="confluenceTh">Callback class </th><th colspan="1" rowspan="1" class="confluenceTh">Supported version</th></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"> authenticationType </td><td colspan="1" rowspan="1" class="confluenceTd"> wauth </td><td colspan="1" rowspan="1" class="confluenceTd"> WAuthCallback </td><td colspan="1" rowspan="1" class="confluenceTd"> 1.0.0 </td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"> homeRealm </td><td colspan="1" rowspan="1" class="confluenceTd"> whr </td><td colspan="1" rowspan="1" class="confluenceTd"> HomeRealmCallback </td><td colspan="1" rowspan="1" class="confluenceTd"> 1.0.0 </td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"> issuer </td><td colspan="1" rowspan="1" class="confluenceTd"> N.A. </td><td col
 span="1" rowspan="1" class="confluenceTd"> IDPCallback </td><td colspan="1" rowspan="1" class="confluenceTd"> 1.0.0 </td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"> freshness </td><td colspan="1" rowspan="1" class="confluenceTd"> wfresh </td><td colspan="1" rowspan="1" class="confluenceTd"> FreshnessCallback </td><td colspan="1" rowspan="1" class="confluenceTd"> 1.0.2 </td></tr></tbody></table>
+<table class="confluenceTable"><tbody><tr><th colspan="1" rowspan="1" class="confluenceTh">XML element </th><th colspan="1" rowspan="1" class="confluenceTh">Query parameter </th><th colspan="1" rowspan="1" class="confluenceTh">Callback class </th><th colspan="1" rowspan="1" class="confluenceTh">Supported version</th></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"> authenticationType </td><td colspan="1" rowspan="1" class="confluenceTd"> wauth </td><td colspan="1" rowspan="1" class="confluenceTd"> WAuthCallback </td><td colspan="1" rowspan="1" class="confluenceTd"> 1.0.0 </td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"> homeRealm </td><td colspan="1" rowspan="1" class="confluenceTd"> whr </td><td colspan="1" rowspan="1" class="confluenceTd"> HomeRealmCallback </td><td colspan="1" rowspan="1" class="confluenceTd"> 1.0.0 </td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"> issuer </td><td colspan="1" rowspan="1" class="confluenceTd"> N.A. </td><td col
 span="1" rowspan="1" class="confluenceTd"> IDPCallback </td><td colspan="1" rowspan="1" class="confluenceTd"> 1.0.0 </td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"> freshness </td><td colspan="1" rowspan="1" class="confluenceTd"> wfresh </td><td colspan="1" rowspan="1" class="confluenceTd"> FreshnessCallback </td><td colspan="1" rowspan="1" class="confluenceTd"> 1.0.2 </td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"> realm </td><td colspan="1" rowspan="1" class="confluenceTd"> wtrealm </td><td colspan="1" rowspan="1" class="confluenceTd"> RealmCallback </td><td colspan="1" rowspan="1" class="confluenceTd"> 1.1.0 </td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"> N.A. </td><td colspan="1" rowspan="1" class="confluenceTd"> any </td><td colspan="1" rowspan="1" class="confluenceTd"> SignInQueryCallback </td><td colspan="1" rowspan="1" class="confluenceTd"> 1.1.0 </td></tr></tbody></table>
 </div>
 
 

Modified: websites/production/cxf/content/fediz-idp-11.html
==============================================================================
--- websites/production/cxf/content/fediz-idp-11.html (original)
+++ websites/production/cxf/content/fediz-idp-11.html Sun Nov 10 20:48:09 2013
@@ -147,6 +147,8 @@ Apache CXF -- Fediz IDP 1.1
            <div class="wiki-content">
 <div id="ConfluenceContent"><h1><a shape="rect" name="FedizIDP1.1-FedizIDP"></a>Fediz IDP</h1>
 
+<p><em>Note:</em> Fediz IDP 1.0 is described <a shape="rect" href="fediz-idp.html" title="Fediz IDP">here </a>.</p>
+
 <p>The Release 1.1 introduces the following new feature:</p>
 
 <ul><li>Federation Metadata<br clear="none">

Modified: websites/production/cxf/content/fediz-jetty.html
==============================================================================
--- websites/production/cxf/content/fediz-jetty.html (original)
+++ websites/production/cxf/content/fediz-jetty.html Sun Nov 10 20:48:09 2013
@@ -145,7 +145,7 @@ Apache CXF -- Fediz Jetty
          <td height="100%">
            <!-- Content -->
            <div class="wiki-content">
-<div id="ConfluenceContent"><h1><a shape="rect" name="FedizJetty-JettyPlugin%281.1SNAPSHOT%29"></a>Jetty Plugin (1.1 SNAPSHOT)</h1>
+<div id="ConfluenceContent"><h1><a shape="rect" name="FedizJetty-JettyPlugin%281.1%29"></a>Jetty Plugin (1.1)</h1>
 <p>This page describes how to enable Federation for a Jetty 7/8 instance hosting Relying Party (RP) applications.  This configuration is not for a separate Tomcat instance hosting the Fediz IDP and IDP STS WARs, or hosts for third-party applications that use Fediz STS-generated SAML assertions for authentication.  After this configuration is done, the Jetty-RP instance will validate the incoming SignInResponse created by the IDP server.</p>
 
 <p>Prior to doing this configuration, make sure you've first deployed the Fediz IDP and STS on the Tomcat IDP instance as discussed <a shape="rect" href="fediz-idp.html" title="Fediz IDP">here</a>, and can view the STS WSDL at the URL given on that page.  That page also provides some tips for running multiple Tomcat instances on your machine.</p>

Modified: websites/production/cxf/content/fediz-spring-2.html
==============================================================================
--- websites/production/cxf/content/fediz-spring-2.html (original)
+++ websites/production/cxf/content/fediz-spring-2.html Sun Nov 10 20:48:09 2013
@@ -145,7 +145,7 @@ Apache CXF -- Fediz Spring 2
          <td height="100%">
            <!-- Content -->
            <div class="wiki-content">
-<div id="ConfluenceContent"><h1><a shape="rect" name="FedizSpring2-SpringSecurity2.0Plugin%281.1SNAPSHOT%29"></a>Spring Security 2.0 Plugin (1.1 SNAPSHOT)</h1>
+<div id="ConfluenceContent"><h1><a shape="rect" name="FedizSpring2-SpringSecurity2.0Plugin%281.1%29"></a>Spring Security 2.0 Plugin (1.1)</h1>
 
 <p>This page describes how to enable Federation for a <a shape="rect" class="external-link" href="http://static.springsource.org/spring-security/site/docs/2.0.x/reference/html/springsecurity.html" rel="nofollow">Spring Security</a> based Web Application. Spring Security provides more authorization capabilities than defined in the Java Servlet specification. Beyond authorizing web requests Spring Security supports authorizing whether methods can be invoked and authorizing access to individual domain object instances.</p>
 

Modified: websites/production/cxf/content/fediz-spring.html
==============================================================================
--- websites/production/cxf/content/fediz-spring.html (original)
+++ websites/production/cxf/content/fediz-spring.html Sun Nov 10 20:48:09 2013
@@ -145,7 +145,7 @@ Apache CXF -- Fediz Spring
          <td height="100%">
            <!-- Content -->
            <div class="wiki-content">
-<div id="ConfluenceContent"><h1><a shape="rect" name="FedizSpring-SpringSecurity3.1Plugin%281.1SNAPSHOT%29"></a>Spring Security 3.1 Plugin (1.1 SNAPSHOT)</h1>
+<div id="ConfluenceContent"><h1><a shape="rect" name="FedizSpring-SpringSecurity3.1Plugin%281.1%29"></a>Spring Security 3.1 Plugin (1.1)</h1>
 
 <p>This page describes how to enable Federation for a <a shape="rect" class="external-link" href="http://static.springsource.org/spring-security/site/docs/3.1.x/reference/springsecurity.html" rel="nofollow">Spring Security</a> based Web Application. Spring Security provides more authorization capabilities than defined in the Java Servlet specification. Beyond authorizing web requests Spring Security supports authorizing whether methods can be invoked and authorizing access to individual domain object instances.</p>
 

Modified: websites/production/cxf/content/fediz.html
==============================================================================
--- websites/production/cxf/content/fediz.html (original)
+++ websites/production/cxf/content/fediz.html Sun Nov 10 20:48:09 2013
@@ -144,16 +144,18 @@ Apache CXF -- Fediz
 
 <h2><a shape="rect" name="Fediz-News"></a>News</h2>
 
-<p>Apache CXF Fediz 1.0.3 has been released. For more information, please go <a shape="rect" href="fediz-downloads.html" title="Fediz Downloads">here</a>.</p>
+<p>*November 9, 2013 - Apache CXF Fediz 1.1.0 released!</p>
+
+<p>Apache CXF Fediz 1.1.0 has been released. For more information, please go <a shape="rect" href="fediz-downloads.html" title="Fediz Downloads">here</a>.</p>
 
 <h2><a shape="rect" name="Fediz-Features"></a>Features</h2>
 
-<p>The following features are supported by the Fediz plugin 1.0</p>
-<ul><li>WS-Federation 1.0/1.1/1.2</li><li>SAML 1.1/2.0 Tokens</li><li>Custom token support</li><li>Publish WS-Federation Metadata document</li><li>Role information encoded as AttributeStatement in SAML 1.1/2.0 tokens</li><li>Claims information provided by FederationPrincipal interface</li></ul>
+<p>The following features are supported by Fediz 1.1</p>
+<ul><li>WS-Federation 1.0/1.1/1.2</li><li>SAML 1.1/2.0 Tokens</li><li>Support for encrypted SAML Tokens (Release 1.1)</li><li>Support for Holder-Of-Key SubjectConfirmationMethod (1.1)</li><li>Custom token Support</li><li>Publish WS-Federation Metadata document</li><li>Role information encoded as AttributeStatement in SAML 1.1/2.0 tokens</li><li>Claims information provided by FederationPrincipal Interface</li><li>Support for Tomcat, Jetty, Websphere, Spring Security and CXF (1.1)</li><li>Fediz IDP supports "Resource IDP" role as well (1.1)</li></ul>
 
 
 <p>The following features are planned for the next release:</p>
-<ul><li>Support for Jetty and JBoss</li><li>CXF plugin</li><li>Support for encrypted SAML tokens</li><li>Support for Holder-Of-Key SubjectConfirmationMethod</li><li>"Resource IDP" support for Fediz IDP</li><li>support for other protocols like SAML-P, OAuth</li></ul>
+<ul><li>support for other protocols like SAML-P, OAuth</li></ul>
 
 
 <p>You can get the current status of the enhancements <a shape="rect" class="external-link" href="https://issues.apache.org/jira/browse/FEDIZ">here </a>.</p>
@@ -179,14 +181,14 @@ The RP is a web application that needs t
 
 <h3><a shape="rect" name="Fediz-SettinguptheIDP"></a>Setting up the IDP</h3>
 
-<p>The installation and configuration of the IDP is documented <a shape="rect" href="fediz-idp.html" title="Fediz IDP">here</a></p>
+<p>The installation and configuration of the IDP is documented <a shape="rect" href="fediz-idp-11.html" title="Fediz IDP 1.1">here</a></p>
 
 <h3><a shape="rect" name="Fediz-SetuptheRelyingPartyContainer"></a>Set up the Relying Party Container</h3>
 
 <p>The Fediz plugin needs to be deployed into the Relying Party (RP) container. The security mechanism is not specified by JEE. Even though it is very similar in each servlet container there are some differences which require a dedicated Fediz plugin for each servlet container implementation. Most of the configuration goes into a Servlet container independent configuration file which is described <a shape="rect" href="fediz-configuration.html" title="Fediz Configuration">here</a></p>
 
 <p>The following lists shows the supported containers and the location of the installation and configuration page.</p>
-<ul><li><a shape="rect" href="fediz-tomcat.html" title="Fediz Tomcat">Tomcat 7 </a></li><li><a shape="rect" href="fediz-jetty.html" title="Fediz Jetty">Jetty 7/8 (1.1 SNAPSHOT)</a></li><li><a shape="rect" href="fediz-spring.html" title="Fediz Spring">Spring Security 3.1 (1.1 SNAPSHOT)</a></li><li><a shape="rect" href="fediz-cxf.html" title="Fediz CXF">CXF (1.1 SNAPSHOT) </a></li></ul>
+<ul><li><a shape="rect" href="fediz-tomcat.html" title="Fediz Tomcat">Tomcat 7 </a></li><li><a shape="rect" href="fediz-jetty.html" title="Fediz Jetty">Jetty 7/8 (1.1)</a></li><li><a shape="rect" href="fediz-spring.html" title="Fediz Spring">Spring Security 3.1 (1.1)</a></li><li><a shape="rect" href="fediz-websphere.html" title="Fediz Websphere">Websphere 7/8 (1.1)</a></li><li><a shape="rect" href="fediz-cxf.html" title="Fediz CXF">CXF (1.1) </a></li></ul>
 
 
 
@@ -201,7 +203,7 @@ The RP is a web application that needs t
 </div>
 
 
-<p><a shape="rect" href="#Fediz-building">building</a></p>
+<p><a shape="rect" name="Fediz-building"></a></p>
 <h2><a shape="rect" name="Fediz-Building"></a>Building</h2>
 
 <p>Check out the code from here:</p>