Posted to dev@cxf.apache.org by Oliver Wulff <ow...@talend.com> on 2013/04/02 22:49:03 UTC
RE: svn commit: r1462277 [1/2] - in /cxf/fediz/trunk: ./
examples/simpleWebapp/src/main/config/
examples/simpleWebapp/src/main/resources/
examples/springWebapp/src/main/config/ examples/wsclientWebapp/webapp/
examples/wsclientWebapp/webapp/src/main/con...
Hi Colm
Thanks for letting me know. Weird, I didn't get a notification.
I've committed the fix.
Thanks
Oli
------
Oliver Wulff
Blog: http://owulff.blogspot.com
Solution Architect
http://coders.talend.com
Talend Application Integration Division http://www.talend.com
________________________________________
From: Colm O hEigeartaigh [coheigea@apache.org]
Sent: 02 April 2013 16:52
To: dev@cxf.apache.org
Subject: Re: svn commit: r1462277 [1/2] - in /cxf/fediz/trunk: ./ examples/simpleWebapp/src/main/config/ examples/simpleWebapp/src/main/resources/ examples/springWebapp/src/main/config/ examples/wsclientWebapp/webapp/ examples/wsclientWebapp/webapp/src/main/con...
Hi Oli,
This merge caused some of the systests to fail...
Colm.
On Thu, Mar 28, 2013 at 7:53 PM, <ow...@apache.org> wrote:
> Author: owulff
> Date: Thu Mar 28 19:53:35 2013
> New Revision: 1462277
>
> URL: http://svn.apache.org/r1462277
> Log:
> Merge branch 'springidp' into trunk
>
> Added:
>
> cxf/fediz/trunk/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/UsernamePasswordCredentials.java
>
> cxf/fediz/trunk/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/
>
> cxf/fediz/trunk/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/DecodeAuthorizationHeaderAction.java
>
> cxf/fediz/trunk/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/InitialFlowSetupAction.java
>
> cxf/fediz/trunk/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/LogoutAction.java
>
> cxf/fediz/trunk/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/STSClientAction.java
>
> cxf/fediz/trunk/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/WfreshParser.java
>
> cxf/fediz/trunk/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/util/
>
> cxf/fediz/trunk/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/util/WebUtils.java
>
> cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/federation-webflow.xml
> cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/genericerror.jsp
> cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/idp-servlet.xml
>
> cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/signinresponseform.jsp
>
> cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/signoutresponse.jsp
> cxf/fediz/trunk/systests/jetty8/src/test/webapps/
> cxf/fediz/trunk/systests/jetty8/src/test/webapps/fediz-idp/
> cxf/fediz/trunk/systests/jetty8/src/test/webapps/fediz-idp/WEB-INF/
>
> cxf/fediz/trunk/systests/jetty8/src/test/webapps/fediz-idp/WEB-INF/idp-servlet.xml
> cxf/fediz/trunk/systests/tomcat7/src/test/webapps/
> cxf/fediz/trunk/systests/tomcat7/src/test/webapps/fediz-idp/
> cxf/fediz/trunk/systests/tomcat7/src/test/webapps/fediz-idp/WEB-INF/
>
> cxf/fediz/trunk/systests/tomcat7/src/test/webapps/fediz-idp/WEB-INF/idp-servlet.xml
> Modified:
> cxf/fediz/trunk/.gitignore
> cxf/fediz/trunk/examples/simpleWebapp/src/main/config/fediz_config.xml
>
> cxf/fediz/trunk/examples/simpleWebapp/src/main/resources/log4j.properties
>
> cxf/fediz/trunk/examples/simpleWebapp/src/main/resources/logging.properties
> cxf/fediz/trunk/examples/springWebapp/src/main/config/fediz_config.xml
> cxf/fediz/trunk/examples/wsclientWebapp/webapp/pom.xml
>
> cxf/fediz/trunk/examples/wsclientWebapp/webapp/src/main/config/fediz_config.xml
>
> cxf/fediz/trunk/examples/wsclientWebapp/webapp/src/main/resources/logging.properties
>
> cxf/fediz/trunk/examples/wsclientWebapp/webapp/src/main/webapp/WEB-INF/web.xml
> cxf/fediz/trunk/pom.xml
> cxf/fediz/trunk/services/idp/pom.xml
> cxf/fediz/trunk/services/idp/src/main/resources/log4j.properties
> cxf/fediz/trunk/services/idp/src/main/resources/logging.properties
>
> cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/applicationContext.xml
> cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/signinform.jsp
> cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/web.xml
> cxf/fediz/trunk/services/sts/pom.xml
> cxf/fediz/trunk/services/sts/src/main/resources/log4j.properties
> cxf/fediz/trunk/services/sts/src/main/resources/logging.properties
> cxf/fediz/trunk/services/sts/src/main/webapp/WEB-INF/cxf-transport.xml
> cxf/fediz/trunk/systests/jetty8/pom.xml
>
> cxf/fediz/trunk/systests/jetty8/src/test/java/org/apache/cxf/fediz/integrationtests/JettyPreAuthSpringTest.java
>
> cxf/fediz/trunk/systests/jetty8/src/test/java/org/apache/cxf/fediz/integrationtests/JettyTest.java
>
> cxf/fediz/trunk/systests/jetty8/src/test/java/org/apache/cxf/fediz/integrationtests/JettyUtils.java
> cxf/fediz/trunk/systests/jetty8/src/test/resources/fediz_config.xml
> cxf/fediz/trunk/systests/jetty8/src/test/resources/idp-server.xml
> cxf/fediz/trunk/systests/jetty8/src/test/resources/rp-server.xml
> cxf/fediz/trunk/systests/spring/src/test/resources/fediz_config.xml
> cxf/fediz/trunk/systests/spring/src/test/resources/idp-server.xml
>
> cxf/fediz/trunk/systests/tests/src/test/java/org/apache/cxf/fediz/integrationtests/AbstractTests.java
> cxf/fediz/trunk/systests/tomcat7/pom.xml
>
> cxf/fediz/trunk/systests/tomcat7/src/test/java/org/apache/cxf/fediz/integrationtests/TomcatTest.java
> cxf/fediz/trunk/systests/tomcat7/src/test/resources/fediz_config.xml
>
> Modified: cxf/fediz/trunk/.gitignore
> URL:
> http://svn.apache.org/viewvc/cxf/fediz/trunk/.gitignore?rev=1462277&r1=1462276&r2=1462277&view=diff
>
> ==============================================================================
> --- cxf/fediz/trunk/.gitignore (original)
> +++ cxf/fediz/trunk/.gitignore Thu Mar 28 19:53:35 2013
> @@ -8,6 +8,8 @@
> .project
> .ruleset
> .settings/
> +.svn/
> target/
> velocity.log
> +.externalToolBuilders/
>
>
> Modified:
> cxf/fediz/trunk/examples/simpleWebapp/src/main/config/fediz_config.xml
> URL:
> http://svn.apache.org/viewvc/cxf/fediz/trunk/examples/simpleWebapp/src/main/config/fediz_config.xml?rev=1462277&r1=1462276&r2=1462277&view=diff
>
> ==============================================================================
> --- cxf/fediz/trunk/examples/simpleWebapp/src/main/config/fediz_config.xml
> (original)
> +++ cxf/fediz/trunk/examples/simpleWebapp/src/main/config/fediz_config.xml
> Thu Mar 28 19:53:35 2013
> @@ -21,11 +21,11 @@
> <protocol xmlns:xsi="
> http://www.w3.org/2001/XMLSchema-instance"
> xsi:type="federationProtocolType" version="1.0.0">
>
> <realm>urn:org:apache:cxf:fediz:fedizhelloworld</realm>
> - <issuer>https://localhost:9443/fediz-idp/</issuer>
> + <issuer>
> https://localhost:9443/fediz-idp/federation</issuer>
> <roleDelimiter>,</roleDelimiter>
> <roleURI>
> http://schemas.xmlsoap.org/ws/2005/05/identity/claims/role</roleURI>
> <!--<authenticationType type="String">some auth
> type</authenticationType>-->
> - <!--<homeRealm
> type="Class">org.apache.fediz.realm.MyHomeRealm</homeRealm>-->
> + <homeRealm
> type="Class">org.apache.cxf.fediz.example.HomeRealmCallbackHandler</homeRealm>
> <!--<freshness>0</freshness>-->
> <!--<reply>reply value</reply>-->
> <!--<request>REQUEST</request>-->
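Review bot: The now-active <homeRealm type="Class"> entry names org.apache.cxf.fediz.example.HomeRealmCallbackHandler, but no file of that name is among the Added paths listed for this commit, so confirm the class is already on the classpath of every example that receives this config (the same edit is repeated for springWebapp and wsclientWebapp). The <issuer> value also changes to https://localhost:9443/fediz-idp/federation and has to agree with the servlet mapping of the new IDP; the one-line log "Merge branch 'springidp' into trunk" mentions neither change, and both affect anyone who deployed the earlier example configuration.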
>
> Modified:
> cxf/fediz/trunk/examples/simpleWebapp/src/main/resources/log4j.properties
> URL:
> http://svn.apache.org/viewvc/cxf/fediz/trunk/examples/simpleWebapp/src/main/resources/log4j.properties?rev=1462277&r1=1462276&r2=1462277&view=diff
>
> ==============================================================================
> ---
> cxf/fediz/trunk/examples/simpleWebapp/src/main/resources/log4j.properties
> (original)
> +++
> cxf/fediz/trunk/examples/simpleWebapp/src/main/resources/log4j.properties
> Thu Mar 28 19:53:35 2013
> @@ -1,6 +1,6 @@
> # Set root category priority to INFO and its only appender to CONSOLE.
> -log4j.rootCategory=FATAL, CONSOLE
> -#log4j.rootCategory=DEBUG, CONSOLE
> +#log4j.rootCategory=FATAL, CONSOLE
> +log4j.rootCategory=DEBUG, CONSOLE
>
> # CONSOLE is set to be a ConsoleAppender using a PatternLayout.
> log4j.appender.CONSOLE=org.apache.log4j.ConsoleAppender
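Review bot: The active setting is now log4j.rootCategory=DEBUG, CONSOLE while the comment directly above it still says the root category is set to INFO. DEBUG on the root category enables debug output for every library in the webapp, which in a federation sign-in example can put request and token details on the console; keep FATAL (or INFO) as the committed default and leave the DEBUG line commented out for local use.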
>
> Modified:
> cxf/fediz/trunk/examples/simpleWebapp/src/main/resources/logging.properties
> URL:
> http://svn.apache.org/viewvc/cxf/fediz/trunk/examples/simpleWebapp/src/main/resources/logging.properties?rev=1462277&r1=1462276&r2=1462277&view=diff
>
> ==============================================================================
> ---
> cxf/fediz/trunk/examples/simpleWebapp/src/main/resources/logging.properties
> (original)
> +++
> cxf/fediz/trunk/examples/simpleWebapp/src/main/resources/logging.properties
> Thu Mar 28 19:53:35 2013
> @@ -38,9 +38,9 @@ java.util.logging.FileHandler.count = 1
> java.util.logging.FileHandler.formatter = java.util.logging.XMLFormatter
>
> # Limit the message that are printed on the console to WARNING and above.
> -java.util.logging.ConsoleHandler.level = INFO
> +java.util.logging.ConsoleHandler.level = FINEST
> java.util.logging.ConsoleHandler.formatter =
> java.util.logging.SimpleFormatter
> -
> +java.util.logging.SimpleFormatter.format="HEL %1$tc %2$s%n%4$s:
> %5$s%6$s%n"
>
> ############################################################
> # Facility specific properties.
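Review bot: ConsoleHandler.level goes to FINEST while the comment above it still says the console is limited to WARNING and above, and the added SimpleFormatter.format line looks like a local debugging leftover. Its value starts with a literal HEL prefix, and the surrounding double quotes are not stripped when the properties file is loaded, so they become part of the format string. Restore INFO as the committed default and drop or clean up the format line.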
> @@ -50,3 +50,4 @@ java.util.logging.ConsoleHandler.formatt
> # For example, set the com.xyz.foo logger to only log SEVERE
> # messages:
> #com.xyz.foo.level = SEVERE
> +org.apache.cxf.fediz.level = FINE
> \ No newline at end of file
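Review bot: The added org.apache.cxf.fediz.level = FINE is the last line of the file and has no trailing newline; add one. Consider leaving the override commented out, like the com.xyz.foo example above it, so the sample ships at default verbosity.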
>
> Modified:
> cxf/fediz/trunk/examples/springWebapp/src/main/config/fediz_config.xml
> URL:
> http://svn.apache.org/viewvc/cxf/fediz/trunk/examples/springWebapp/src/main/config/fediz_config.xml?rev=1462277&r1=1462276&r2=1462277&view=diff
>
> ==============================================================================
> --- cxf/fediz/trunk/examples/springWebapp/src/main/config/fediz_config.xml
> (original)
> +++ cxf/fediz/trunk/examples/springWebapp/src/main/config/fediz_config.xml
> Thu Mar 28 19:53:35 2013
> @@ -21,11 +21,11 @@
> <protocol xmlns:xsi="
> http://www.w3.org/2001/XMLSchema-instance"
> xsi:type="federationProtocolType" version="1.0.0">
>
> <realm>urn:org:apache:cxf:fediz:fedizhelloworld</realm>
> - <issuer>https://localhost:9443/fediz-idp/</issuer>
> + <issuer>
> https://localhost:9443/fediz-idp/federation</issuer>
> <roleDelimiter>,</roleDelimiter>
> <roleURI>
> http://schemas.xmlsoap.org/ws/2005/05/identity/claims/role</roleURI>
> <!--<authenticationType type="String">some auth
> type</authenticationType>-->
> - <!--<homeRealm
> type="Class">org.apache.fediz.realm.MyHomeRealm</homeRealm>-->
> + <homeRealm
> type="Class">org.apache.cxf.fediz.example.HomeRealmCallbackHandler</homeRealm>
> <!--<freshness>0</freshness>-->
> <!--<reply>reply value</reply>-->
> <!--<request>REQUEST</request>-->
>
> Modified: cxf/fediz/trunk/examples/wsclientWebapp/webapp/pom.xml
> URL:
> http://svn.apache.org/viewvc/cxf/fediz/trunk/examples/wsclientWebapp/webapp/pom.xml?rev=1462277&r1=1462276&r2=1462277&view=diff
>
> ==============================================================================
> --- cxf/fediz/trunk/examples/wsclientWebapp/webapp/pom.xml (original)
> +++ cxf/fediz/trunk/examples/wsclientWebapp/webapp/pom.xml Thu Mar 28
> 19:53:35 2013
> @@ -121,7 +121,7 @@
> <groupId>org.slf4j</groupId>
> <artifactId>slf4j-api</artifactId>
> <version>${slf4j.version}</version>
> - <scope>compile</scope>
> + <scope>provided</scope>
> </dependency>
> </dependencies>
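Review bot: With <scope>provided</scope> on slf4j-api the jar is no longer packaged in the WAR, so every container this example is deployed to must supply SLF4J itself or classes that reference org.slf4j will fail to load. Confirm that holds for the Tomcat and Jetty setups used by the systests, or keep compile scope.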
>
>
> Modified:
> cxf/fediz/trunk/examples/wsclientWebapp/webapp/src/main/config/fediz_config.xml
> URL:
> http://svn.apache.org/viewvc/cxf/fediz/trunk/examples/wsclientWebapp/webapp/src/main/config/fediz_config.xml?rev=1462277&r1=1462276&r2=1462277&view=diff
>
> ==============================================================================
> ---
> cxf/fediz/trunk/examples/wsclientWebapp/webapp/src/main/config/fediz_config.xml
> (original)
> +++
> cxf/fediz/trunk/examples/wsclientWebapp/webapp/src/main/config/fediz_config.xml
> Thu Mar 28 19:53:35 2013
> @@ -21,11 +21,11 @@
> <protocol xmlns:xsi="
> http://www.w3.org/2001/XMLSchema-instance"
> xsi:type="federationProtocolType" version="1.0.0">
>
> <realm>urn:org:apache:cxf:fediz:fedizhelloworld</realm>
> - <issuer>https://localhost:9443/fediz-idp/</issuer>
> + <issuer>
> https://localhost:9443/fediz-idp/federation</issuer>
> <roleDelimiter>,</roleDelimiter>
> <roleURI>
> http://schemas.xmlsoap.org/ws/2005/05/identity/claims/role</roleURI>
> <!--<authenticationType type="String">some auth
> type</authenticationType>-->
> - <!--<homeRealm
> type="Class">org.apache.fediz.realm.MyHomeRealm</homeRealm>-->
> + <homeRealm
> type="Class">org.apache.cxf.fediz.example.HomeRealmCallbackHandler</homeRealm>
> <!--<freshness>0</freshness>-->
> <!--<reply>reply value</reply>-->
> <!--<request>REQUEST</request>-->
>
> Modified:
> cxf/fediz/trunk/examples/wsclientWebapp/webapp/src/main/resources/logging.properties
> URL:
> http://svn.apache.org/viewvc/cxf/fediz/trunk/examples/wsclientWebapp/webapp/src/main/resources/logging.properties?rev=1462277&r1=1462276&r2=1462277&view=diff
>
> ==============================================================================
> ---
> cxf/fediz/trunk/examples/wsclientWebapp/webapp/src/main/resources/logging.properties
> (original)
> +++
> cxf/fediz/trunk/examples/wsclientWebapp/webapp/src/main/resources/logging.properties
> Thu Mar 28 19:53:35 2013
> @@ -38,9 +38,9 @@ java.util.logging.FileHandler.count = 1
> java.util.logging.FileHandler.formatter = java.util.logging.XMLFormatter
>
> # Limit the message that are printed on the console to WARNING and above.
> -java.util.logging.ConsoleHandler.level = INFO
> +java.util.logging.ConsoleHandler.level = FINEST
> java.util.logging.ConsoleHandler.formatter =
> java.util.logging.SimpleFormatter
> -
> +java.util.logging.SimpleFormatter.format="HEL %1$tc %2$s%n%4$s:
> %5$s%6$s%n"
>
> ############################################################
> # Facility specific properties.
> @@ -50,3 +50,4 @@ java.util.logging.ConsoleHandler.formatt
> # For example, set the com.xyz.foo logger to only log SEVERE
> # messages:
> #com.xyz.foo.level = SEVERE
> +org.apache.cxf.fediz.level = FINE
> \ No newline at end of file
>
> Modified:
> cxf/fediz/trunk/examples/wsclientWebapp/webapp/src/main/webapp/WEB-INF/web.xml
> URL:
> http://svn.apache.org/viewvc/cxf/fediz/trunk/examples/wsclientWebapp/webapp/src/main/webapp/WEB-INF/web.xml?rev=1462277&r1=1462276&r2=1462277&view=diff
>
> ==============================================================================
> ---
> cxf/fediz/trunk/examples/wsclientWebapp/webapp/src/main/webapp/WEB-INF/web.xml
> (original)
> +++
> cxf/fediz/trunk/examples/wsclientWebapp/webapp/src/main/webapp/WEB-INF/web.xml
> Thu Mar 28 19:53:35 2013
> @@ -1,67 +1,67 @@
> -<web-app xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="
> http://www.w3.org/2001/XMLSchema-instance"
> - xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
> - http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
> - version="3.0" metadata-complete="true">
> -
> - <description>WS Federation WS-Client Web Application
> Example</description>
> - <display-name>WS Federation WS-Client Web Application
> Example</display-name>
> -
> - <context-param>
> - <param-name>contextConfigLocation</param-name>
> - <param-value>WEB-INF/applicationContext.xml</param-value>
> - </context-param>
> - <listener>
> -
> <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
> - </listener>
> -
> - <!-- Required: Cache the security token in Thread Local Storage -->
> - <filter>
> - <filter-name>FederationFilter</filter-name>
> -
> <filter-class>org.apache.cxf.fediz.cxf.web.FederationFilter</filter-class>
> - </filter>
> -
> - <!-- now map this filter to a URL-pattern -->
> - <filter-mapping>
> - <filter-name>FederationFilter</filter-name>
> - <url-pattern>/secure/*</url-pattern>
> - </filter-mapping>
> -
> - <servlet>
> - <servlet-name>FederationServlet</servlet-name>
> -
> <servlet-class>org.apache.cxf.fediz.example.FederationServlet</servlet-class>
> - </servlet>
> -
> - <servlet-mapping>
> - <servlet-name>FederationServlet</servlet-name>
> - <url-pattern>/secure/fedservlet</url-pattern>
> - </servlet-mapping>
> -
> - <security-role>
> - <role-name>Manager</role-name>
> - </security-role>
> - <security-role>
> - <role-name>User</role-name>
> - </security-role>
> - <security-role>
> - <role-name>Admin</role-name>
> - </security-role>
> - <security-role>
> - <role-name>Authenticated</role-name>
> - </security-role>
> -
> - <security-constraint>
> - <web-resource-collection>
> - <web-resource-name>Protected
> Area</web-resource-name>
> - <url-pattern>/secure/*</url-pattern>
> - </web-resource-collection>
> - <auth-constraint>
> - <role-name>*</role-name>
> - </auth-constraint>
> - </security-constraint>
> -
> - <login-config>
> - <auth-method>WSFED</auth-method>
> - <realm-name>WSFED</realm-name>
> - </login-config>
> -
> -</web-app>
> +<web-app xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="
> http://www.w3.org/2001/XMLSchema-instance"
> + xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
> + http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
> + version="3.0" metadata-complete="true">
> +
> + <description>WS Federation WS-Client Web Application
> Example</description>
> + <display-name>WS Federation WS-Client Web Application
> Example</display-name>
> +
> + <context-param>
> + <param-name>contextConfigLocation</param-name>
> + <param-value>WEB-INF/applicationContext.xml</param-value>
> + </context-param>
> + <listener>
> +
> <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
> + </listener>
> +
> + <!-- Required: Cache the security token in Thread Local Storage -->
> + <filter>
> + <filter-name>FederationFilter</filter-name>
> +
> <filter-class>org.apache.cxf.fediz.cxf.web.FederationFilter</filter-class>
> + </filter>
> +
> + <!-- now map this filter to a URL-pattern -->
> + <filter-mapping>
> + <filter-name>FederationFilter</filter-name>
> + <url-pattern>/secure/*</url-pattern>
> + </filter-mapping>
> +
> + <servlet>
> + <servlet-name>FederationServlet</servlet-name>
> +
> <servlet-class>org.apache.cxf.fediz.example.FederationServlet</servlet-class>
> + </servlet>
> +
> + <servlet-mapping>
> + <servlet-name>FederationServlet</servlet-name>
> + <url-pattern>/secure/fedservlet</url-pattern>
> + </servlet-mapping>
> +
> + <security-role>
> + <role-name>Manager</role-name>
> + </security-role>
> + <security-role>
> + <role-name>User</role-name>
> + </security-role>
> + <security-role>
> + <role-name>Admin</role-name>
> + </security-role>
> + <security-role>
> + <role-name>Authenticated</role-name>
> + </security-role>
> +
> + <security-constraint>
> + <web-resource-collection>
> + <web-resource-name>Protected
> Area</web-resource-name>
> + <url-pattern>/secure/*</url-pattern>
> + </web-resource-collection>
> + <auth-constraint>
> + <role-name>*</role-name>
> + </auth-constraint>
> + </security-constraint>
> +
> + <login-config>
> + <auth-method>WSFED</auth-method>
> + <realm-name>WSFED</realm-name>
> + </login-config>
> +
> +</web-app>
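Review bot: Every line of web.xml is removed and re-added with no visible textual difference (@@ -1,67 +1,67 @@), which points to a line-ending or whitespace-only change. That buries any real edit and makes later blame and merges harder; set svn:eol-style on the file and recommit so only actual changes appear, and say in the log if something in the file did change.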
>
> Modified: cxf/fediz/trunk/pom.xml
> URL:
> http://svn.apache.org/viewvc/cxf/fediz/trunk/pom.xml?rev=1462277&r1=1462276&r2=1462277&view=diff
>
> ==============================================================================
> --- cxf/fediz/trunk/pom.xml (original)
> +++ cxf/fediz/trunk/pom.xml Thu Mar 28 19:53:35 2013
> @@ -622,7 +622,7 @@
> <profile>
> <id>setup.eclipse</id>
> <properties>
> -
> <eclipse.workspace.dir>${basedir}/../workspace</eclipse.workspace.dir>
> +
> <eclipse.workspace.dir>${basedir}/../workspace/fediz-wf</eclipse.workspace.dir>
> </properties>
> <build>
> <defaultGoal>process-test-sources</defaultGoal>
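Review bot: eclipse.workspace.dir in the setup.eclipse profile now points at ${basedir}/../workspace/fediz-wf, which reads like one developer's local workspace name rather than a project default. If it came in with the branch merge by accident, revert it; otherwise explain in the log why the shared profile changes.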
>
> Modified: cxf/fediz/trunk/services/idp/pom.xml
> URL:
> http://svn.apache.org/viewvc/cxf/fediz/trunk/services/idp/pom.xml?rev=1462277&r1=1462276&r2=1462277&view=diff
>
> ==============================================================================
> --- cxf/fediz/trunk/services/idp/pom.xml (original)
> +++ cxf/fediz/trunk/services/idp/pom.xml Thu Mar 28 19:53:35 2013
> @@ -26,7 +26,7 @@
> <relativePath>../../pom.xml</relativePath>
> </parent>
> <artifactId>fediz-idp</artifactId>
> - <name>Apache Fediz IDP</name>
> + <name>Apache Fediz IDP (Spring Web Flow)</name>
> <packaging>war</packaging>
> <dependencyManagement>
> <dependencies>
> @@ -39,24 +39,41 @@
> <dependency>
> <groupId>javax.servlet</groupId>
> <artifactId>servlet-api</artifactId>
> - <version>${servlet.version}</version>
> + <version>2.5</version>
> <scope>provided</scope>
> </dependency>
> +<!-- <dependency> -->
> +<!-- <groupId>org.springframework</groupId> -->
> +<!-- <artifactId>spring-web</artifactId> -->
> +<!-- <version>${spring.version}</version> -->
> +<!-- </dependency> -->
> <dependency>
> <groupId>org.springframework</groupId>
> - <artifactId>spring-web</artifactId>
> + <artifactId>spring-webmvc</artifactId>
> <version>${spring.version}</version>
> </dependency>
> <dependency>
> - <groupId>org.slf4j</groupId>
> - <artifactId>slf4j-api</artifactId>
> - <version>${slf4j.version}</version>
> + <groupId>org.springframework.webflow</groupId>
> + <artifactId>spring-webflow</artifactId>
> + <version>2.3.1.RELEASE</version>
> + </dependency>
> + <dependency>
> + <groupId>ognl</groupId>
> + <artifactId>ognl</artifactId>
> + <version>3.0.5</version>
> + <scope>runtime</scope>
> </dependency>
> <dependency>
> <groupId>org.slf4j</groupId>
> - <artifactId>slf4j-jdk14</artifactId>
> + <artifactId>slf4j-api</artifactId>
> <version>${slf4j.version}</version>
> + <scope>provided</scope>
> </dependency>
> +<!-- <dependency> -->
> +<!-- <groupId>org.slf4j</groupId> -->
> +<!-- <artifactId>slf4j-jdk14</artifactId> -->
> +<!-- <version>${slf4j.version}</version> -->
> +<!-- </dependency> -->
> <dependency>
> <groupId>org.apache.cxf</groupId>
> <artifactId>cxf-rt-ws-security</artifactId>
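Review bot: Version literals replace managed properties in this hunk: servlet-api goes from ${servlet.version} to 2.5, and spring-webflow 2.3.1.RELEASE and ognl 3.0.5 are pinned inline, so the IDP can drift from the versions the rest of the build uses; define properties for them next to ${spring.version} and ${slf4j.version}. The two commented-out <dependency> blocks (spring-web, slf4j-jdk14) should be deleted rather than committed. With slf4j-api now provided and slf4j-jdk14 no longer declared, the WAR carries neither the SLF4J API nor a binding, so the container has to supply both.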
> @@ -75,7 +92,7 @@
> <dependency>
> <groupId>org.apache.commons</groupId>
> <artifactId>commons-lang3</artifactId>
> - <version>${commons.lang.version}</version>
> + <version>3.0.1</version>
> </dependency>
> </dependencies>
> <build>
>
> Added:
> cxf/fediz/trunk/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/UsernamePasswordCredentials.java
> URL:
> http://svn.apache.org/viewvc/cxf/fediz/trunk/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/UsernamePasswordCredentials.java?rev=1462277&view=auto
>
> ==============================================================================
> ---
> cxf/fediz/trunk/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/UsernamePasswordCredentials.java
> (added)
> +++
> cxf/fediz/trunk/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/UsernamePasswordCredentials.java
> Thu Mar 28 19:53:35 2013
> @@ -0,0 +1,46 @@
> +/**
> + * Licensed to the Apache Software Foundation (ASF) under one
> + * or more contributor license agreements. See the NOTICE file
> + * distributed with this work for additional information
> + * regarding copyright ownership. The ASF licenses this file
> + * to you under the Apache License, Version 2.0 (the
> + * "License"); you may not use this file except in compliance
> + * with the License. You may obtain a copy of the License at
> + *
> + * http://www.apache.org/licenses/LICENSE-2.0
> + *
> + * Unless required by applicable law or agreed to in writing,
> + * software distributed under the License is distributed on an
> + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
> + * KIND, either express or implied. See the License for the
> + * specific language governing permissions and limitations
> + * under the License.
> + */
> +package org.apache.cxf.fediz.service.idp;
> +
> +import java.io.Serializable;
> +
> +public class UsernamePasswordCredentials implements Serializable {
> +
> + private static final long serialVersionUID = 1L;
> +
> + private String username;
> + private String password;
> +
> + public String getUsername() {
> + return username;
> + }
> +
> + public void setUsername(String username) {
> + this.username = username;
> + }
> +
> + public String getPassword() {
> + return password;
> + }
> +
> + public void setPassword(String password) {
> + this.password = password;
> + }
> +
> +}
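Review bot: The password is held as a plain String field in a Serializable bean, so wherever this object is kept in flow or session state the clear-text password is stored and serialized with it. Mark the field transient or discard the credentials object as soon as the token request has been made, and add a class comment saying how long instances are expected to live.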
>
> Added:
> cxf/fediz/trunk/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/DecodeAuthorizationHeaderAction.java
> URL:
> http://svn.apache.org/viewvc/cxf/fediz/trunk/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/DecodeAuthorizationHeaderAction.java?rev=1462277&view=auto
>
> ==============================================================================
> ---
> cxf/fediz/trunk/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/DecodeAuthorizationHeaderAction.java
> (added)
> +++
> cxf/fediz/trunk/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/DecodeAuthorizationHeaderAction.java
> Thu Mar 28 19:53:35 2013
> @@ -0,0 +1,64 @@
> +/**
> + * Licensed to the Apache Software Foundation (ASF) under one
> + * or more contributor license agreements. See the NOTICE file
> + * distributed with this work for additional information
> + * regarding copyright ownership. The ASF licenses this file
> + * to you under the Apache License, Version 2.0 (the
> + * "License"); you may not use this file except in compliance
> + * with the License. You may obtain a copy of the License at
> + *
> + * http://www.apache.org/licenses/LICENSE-2.0
> + *
> + * Unless required by applicable law or agreed to in writing,
> + * software distributed under the License is distributed on an
> + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
> + * KIND, either express or implied. See the License for the
> + * specific language governing permissions and limitations
> + * under the License.
> + */
> +package org.apache.cxf.fediz.service.idp.beans;
> +
> +import java.util.StringTokenizer;
> +
> +import org.apache.cxf.common.util.Base64Utility;
> +import org.apache.cxf.fediz.service.idp.UsernamePasswordCredentials;
> +import org.apache.cxf.fediz.service.idp.util.WebUtils;
> +import org.springframework.webflow.execution.RequestContext;
> +
> +/**
> + * @author fr17993 This class is responsible to decode authorization
> header with
> + * basic authentication.
> + */
> +
> +public class DecodeAuthorizationHeaderAction {
> +
> + public UsernamePasswordCredentials submit(RequestContext
> requestContext)
> + throws Exception {
> + String authorizationHeader = WebUtils.getHttpServletRequest(
> + requestContext).getHeader("Authorization");
> + String username = null;
> + String password = null;
> +
> + StringTokenizer st = new StringTokenizer(authorizationHeader, "
> ");
> + String authType = st.nextToken();
> + String encoded = st.nextToken();
> +
> + if (!authType.equalsIgnoreCase("basic")) {
> + throw new Exception("Invalid Authorization header");
> + }
> +
> + String decoded = new String(Base64Utility.decode(encoded));
> +
> + int colon = decoded.indexOf(':');
> + if (colon < 0) {
> + username = decoded;
> + } else {
> + username = decoded.substring(0, colon);
> + password = decoded.substring(colon + 1, decoded.length());
> + }
> + UsernamePasswordCredentials usernamePasswordCredentials = new
> UsernamePasswordCredentials();
> + usernamePasswordCredentials.setUsername(username);
> + usernamePasswordCredentials.setPassword(password);
> + return usernamePasswordCredentials;
> + }
> +}
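Review bot: submit() has no guard for a missing or malformed header. getHeader("Authorization") returns null when the header is absent, which makes the StringTokenizer constructor throw NullPointerException, and a header with a single token makes the second st.nextToken() throw NoSuchElementException before the scheme check runs. Check for null and hasMoreTokens() first, test the scheme before reading the second token, and fail with a specific exception type instead of throws Exception. new String(Base64Utility.decode(encoded)) also depends on the platform default charset, so pass an explicit one, and decide whether a decoded value without ':' (password left null) should be rejected rather than passed on.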
>
> Added:
> cxf/fediz/trunk/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/InitialFlowSetupAction.java
> URL:
> http://svn.apache.org/viewvc/cxf/fediz/trunk/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/InitialFlowSetupAction.java?rev=1462277&view=auto
>
> ==============================================================================
> ---
> cxf/fediz/trunk/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/InitialFlowSetupAction.java
> (added)
> +++
> cxf/fediz/trunk/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/InitialFlowSetupAction.java
> Thu Mar 28 19:53:35 2013
> @@ -0,0 +1,91 @@
> +/**
> + * Licensed to the Apache Software Foundation (ASF) under one
> + * or more contributor license agreements. See the NOTICE file
> + * distributed with this work for additional information
> + * regarding copyright ownership. The ASF licenses this file
> + * to you under the Apache License, Version 2.0 (the
> + * "License"); you may not use this file except in compliance
> + * with the License. You may obtain a copy of the License at
> + *
> + * http://www.apache.org/licenses/LICENSE-2.0
> + *
> + * Unless required by applicable law or agreed to in writing,
> + * software distributed under the License is distributed on an
> + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
> + * KIND, either express or implied. See the License for the
> + * specific language governing permissions and limitations
> + * under the License.
> + */
> +package org.apache.cxf.fediz.service.idp.beans;
> +
> +import org.apache.cxf.fediz.service.idp.util.WebUtils;
> +import org.slf4j.Logger;
> +import org.slf4j.LoggerFactory;
> +import org.springframework.webflow.execution.RequestContext;
> +
> +/**
> + * @author fr17993 This class is responsible to initialize web flow.
> + */
> +
> +public class InitialFlowSetupAction {
> +
> + private static final String AUTH_SUPPORT_TYPE = "idp.authSupportType";
> +
> + private static final String IDP_NAME = "idpName";
> +
> + private static final Logger LOG = LoggerFactory
> + .getLogger(InitialFlowSetupAction.class);
> +
> + private String idpName = "IDP";
> +
> + private String authSupportType;
> +
> + public String getIdpName() {
> + return idpName;
> + }
> +
> + public void setIdpName(String idpName) {
> + this.idpName = idpName;
> + }
> +
> + public String getAuthSupportType() {
> + return authSupportType;
> + }
> +
> + public void setAuthSupportType(String authSupportType) {
> + this.authSupportType = authSupportType;
> + }
> +
> + private static enum SupportType {
> + FORM, BASIC;
> + }
> +
> + /**
> + * @throws IllegalArgumentException
> + */
> + public void submit(RequestContext context) {
> + if (System.getProperty(AUTH_SUPPORT_TYPE) != null) {
> + authSupportType = System.getProperty(AUTH_SUPPORT_TYPE);
> + LOG.info("Bean property [authSupportType] has been overriden
> from system properties");
> + }
> + if (SupportType.valueOf(authSupportType) != null) {
> + WebUtils.putAttributeInFlowScope(context, AUTH_SUPPORT_TYPE,
> + authSupportType);
> + LOG.info(AUTH_SUPPORT_TYPE + "=" + authSupportType
> + + " has been stored in flow scope");
> + } else {
> + throw new IllegalArgumentException(AUTH_SUPPORT_TYPE + "="
> + + authSupportType + " not supported");
> + }
> + putAttributeInFlowScope(context, IDP_NAME, idpName);
> + }
> +
> + private void putAttributeInFlowScope(RequestContext context, String
> key, String value) {
> + if (value != null) {
> + WebUtils.putAttributeInFlowScope(context, key, value);
> + LOG.info(key + "=" + value + " has been stored in flow
> scope");
> + } else {
> + throw new IllegalArgumentException("Bean property [" + key +
> "] should be configured");
> + }
> + }
> +}
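Review bot: The test SupportType.valueOf(authSupportType) != null in submit() can never be false. Enum.valueOf throws IllegalArgumentException for an unknown name and NullPointerException for null, so the else branch with the "not supported" message is dead code and an unset authSupportType fails with a bare NullPointerException. Check for null explicitly and catch the IllegalArgumentException to raise the intended message. Smaller points: the idp.authSupportType system property silently overrides the bean configuration, which belongs in the class Javadoc; the @throws IllegalArgumentException tag has no description; and "overriden" in the log message should be "overridden".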
>
> Added:
> cxf/fediz/trunk/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/LogoutAction.java
> URL:
> http://svn.apache.org/viewvc/cxf/fediz/trunk/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/LogoutAction.java?rev=1462277&view=auto
>
> ==============================================================================
> ---
> cxf/fediz/trunk/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/LogoutAction.java
> (added)
> +++
> cxf/fediz/trunk/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/LogoutAction.java
> Thu Mar 28 19:53:35 2013
> @@ -0,0 +1,33 @@
> +/**
> + * Licensed to the Apache Software Foundation (ASF) under one
> + * or more contributor license agreements. See the NOTICE file
> + * distributed with this work for additional information
> + * regarding copyright ownership. The ASF licenses this file
> + * to you under the Apache License, Version 2.0 (the
> + * "License"); you may not use this file except in compliance
> + * with the License. You may obtain a copy of the License at
> + *
> + * http://www.apache.org/licenses/LICENSE-2.0
> + *
> + * Unless required by applicable law or agreed to in writing,
> + * software distributed under the License is distributed on an
> + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
> + * KIND, either express or implied. See the License for the
> + * specific language governing permissions and limitations
> + * under the License.
> + */
> +package org.apache.cxf.fediz.service.idp.beans;
> +
> +import org.apache.cxf.fediz.service.idp.util.WebUtils;
> +import org.springframework.webflow.execution.RequestContext;
> +
> +/**
> + * @author fr17993 This class is responsible to invalidate IDP session.
> + */
> +
> +public class LogoutAction {
> +
> + public void submit(RequestContext requestContext) {
> + WebUtils.getHttpSession(requestContext).invalidate();
> + }
> +}
>
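Review bot: submit() calls WebUtils.getHttpSession(requestContext).invalidate(), and getHttpSession() uses getSession(), which creates a session when none exists. A sign-out request that arrives without an IDP session therefore allocates a new session only to destroy it. Suggest getSession(false) with a null check for this path. The class Javadoc also puts the description on the @author line, so it renders as part of the author name.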
> Added:
> cxf/fediz/trunk/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/STSClientAction.java
> URL:
> http://svn.apache.org/viewvc/cxf/fediz/trunk/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/STSClientAction.java?rev=1462277&view=auto
>
> ==============================================================================
> ---
> cxf/fediz/trunk/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/STSClientAction.java
> (added)
> +++
> cxf/fediz/trunk/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/STSClientAction.java
> Thu Mar 28 19:53:35 2013
> @@ -0,0 +1,286 @@
> +/**
> + * Licensed to the Apache Software Foundation (ASF) under one
> + * or more contributor license agreements. See the NOTICE file
> + * distributed with this work for additional information
> + * regarding copyright ownership. The ASF licenses this file
> + * to you under the Apache License, Version 2.0 (the
> + * "License"); you may not use this file except in compliance
> + * with the License. You may obtain a copy of the License at
> + *
> + * http://www.apache.org/licenses/LICENSE-2.0
> + *
> + * Unless required by applicable law or agreed to in writing,
> + * software distributed under the License is distributed on an
> + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
> + * KIND, either express or implied. See the License for the
> + * specific language governing permissions and limitations
> + * under the License.
> + */
> +package org.apache.cxf.fediz.service.idp.beans;
> +
> +import java.net.MalformedURLException;
> +import java.net.URL;
> +import java.util.List;
> +import java.util.Map;
> +
> +import javax.xml.namespace.QName;
> +import javax.xml.parsers.ParserConfigurationException;
> +import javax.xml.stream.XMLStreamException;
> +
> +import org.w3c.dom.Element;
> +
> +import org.apache.commons.lang3.StringEscapeUtils;
> +import org.apache.cxf.Bus;
> +import org.apache.cxf.BusFactory;
> +import org.apache.cxf.fediz.service.idp.IdpSTSClient;
> +import org.apache.cxf.fediz.service.idp.UsernamePasswordCredentials;
> +import org.apache.cxf.fediz.service.idp.util.WebUtils;
> +import org.apache.cxf.staxutils.W3CDOMStreamWriter;
> +import org.apache.cxf.ws.security.SecurityConstants;
> +import org.apache.cxf.ws.security.tokenstore.SecurityToken;
> +import org.apache.cxf.ws.security.trust.STSUtils;
> +import org.apache.ws.security.WSConstants;
> +import org.slf4j.Logger;
> +import org.slf4j.LoggerFactory;
> +import org.springframework.context.ApplicationContext;
> +import org.springframework.webflow.execution.RequestContext;
> +
> +/**
> + * @author fr17993
> +This class is responsible to ask for Security Tokens to STS.
> + */
> +
> +public class STSClientAction {
> +
> + private static final String REALM_TO_CLAIMS_MAP = "realm2ClaimsMap";
> +
> + private static final String
> HTTP_SCHEMAS_XMLSOAP_ORG_WS_2005_05_IDENTITY =
> + "http://schemas.xmlsoap.org/ws/2005/05/identity";
> +
> + private static final String
> HTTP_DOCS_OASIS_OPEN_ORG_WS_SX_WS_TRUST_200512_BEARER =
> + "http://docs.oasis-open.org/ws-sx/ws-trust/200512/Bearer";
> +
> + private static final String HTTP_WWW_W3_ORG_2005_08_ADDRESSING = "
> http://www.w3.org/2005/08/addressing";
> +
> + private static final String
> HTTP_DOCS_OASIS_OPEN_ORG_WS_SX_WS_TRUST_200512 =
> + "http://docs.oasis-open.org/ws-sx/ws-trust/200512/";
> +
> + private static final String SECURITY_TOKEN_SERVICE =
> "SecurityTokenService";
> +
> + private static final Logger LOG = LoggerFactory
> + .getLogger(STSClientAction.class);
> +
> + protected String wsdlLocation;
> +
> + protected String wsdlEndpoint;
> +
> + protected String appliesTo;
> +
> + protected String tokenType;
> +
> + protected boolean claimsRequired = true;
> +
> + protected boolean isPortSet;
> +
> + public String getWsdlLocation() {
> + return wsdlLocation;
> + }
> +
> + public void setWsdlLocation(String wsdlLocation) {
> + this.wsdlLocation = wsdlLocation;
> + try {
> + URL url = new URL(wsdlLocation);
> + isPortSet = url.getPort() > 0;
> + if (!isPortSet) {
> + LOG.info("Port is 0 for 'wsdlLocation'. Port evaluated
> when processing first request.");
> + }
> + } catch (MalformedURLException e) {
> + LOG.error("Invalid Url '" + wsdlLocation + "': " +
> e.getMessage());
> + }
> + }
> +
> + public String getWsdlEndpoint() {
> + return wsdlEndpoint;
> + }
> +
> + public void setWsdlEndpoint(String wsdlEndpoint) {
> + this.wsdlEndpoint = wsdlEndpoint;
> + }
> +
> + public String getAppliesTo() {
> + return appliesTo;
> + }
> +
> + public void setAppliesTo(String appliesTo) {
> + this.appliesTo = appliesTo;
> + }
> +
> + public String getTokenType() {
> + return tokenType;
> + }
> +
> + public void setTokenType(String tokenType) {
> + this.tokenType = tokenType;
> + }
> +
> + public boolean isClaimsRequired() {
> + return claimsRequired;
> + }
> +
> + public void setClaimsRequired(boolean claimsRequired) {
> + this.claimsRequired = claimsRequired;
> + }
> +
> + /**
> + * @param credentials
> + * : username and password provided by user
> + * @return a IDP {@link SecurityToken}
> + * @throws Exception
> + */
> + public SecurityToken submit(UsernamePasswordCredentials credentials,
> RequestContext context)
> + throws Exception {
> +
> + Bus bus = BusFactory.getDefaultBus();
> +
> + IdpSTSClient sts = new IdpSTSClient(bus);
> + sts.setAddressingNamespace(HTTP_WWW_W3_ORG_2005_08_ADDRESSING);
> + paramTokenType(sts);
> +
> sts.setKeyType(HTTP_DOCS_OASIS_OPEN_ORG_WS_SX_WS_TRUST_200512_BEARER);
> +
> + if (!isPortSet) {
> + try {
> + URL url = new URL(this.wsdlLocation);
> + URL updatedUrl = new URL(url.getProtocol(), url.getHost(),
> +
> WebUtils.getHttpServletRequest(context).getLocalPort(), url.getFile());
> +
> + setSTSWsdlUrl(updatedUrl.toString());
> + LOG.info("STS WSDL URL updated to " +
> updatedUrl.toString());
> + } catch (MalformedURLException e) {
> + LOG.error("Invalid Url '" + this.wsdlLocation + "': " +
> e.getMessage());
> + }
> + }
> + sts.setWsdlLocation(this.wsdlLocation);
> + sts.setServiceQName(new QName(
> + HTTP_DOCS_OASIS_OPEN_ORG_WS_SX_WS_TRUST_200512,
> + SECURITY_TOKEN_SERVICE));
> + sts.setEndpointQName(new QName(
> + HTTP_DOCS_OASIS_OPEN_ORG_WS_SX_WS_TRUST_200512,
> + this.wsdlEndpoint));
> +
> + if (this.claimsRequired) {
> + addClaims(this.appliesTo, bus, sts);
> + }
> +
> + sts.getProperties().put(SecurityConstants.USERNAME,
> + credentials.getUsername());
> + sts.getProperties().put(SecurityConstants.PASSWORD,
> + credentials.getPassword());
> +
> + SecurityToken idpToken = sts.requestSecurityToken(this.appliesTo);
> +
> + LOG.info("Token [IDP_TOKEN] produced succesfully.");
> + return idpToken;
> + }
> +
> + /**
> + * @param credentials
> + * {@link SecurityToken}
> + * @param wtrealm
> + * the relying party security domain
> + * @return a serialized RP security token
> + * @throws Exception
> + */
> + public String submit(SecurityToken credentials, String wtrealm)
> + throws Exception {
> +
> + Bus bus = BusFactory.getDefaultBus();
> +
> + IdpSTSClient sts = new IdpSTSClient(bus);
> + sts.setAddressingNamespace(HTTP_WWW_W3_ORG_2005_08_ADDRESSING);
> + paramTokenType(sts);
> +
> sts.setKeyType(HTTP_DOCS_OASIS_OPEN_ORG_WS_SX_WS_TRUST_200512_BEARER);
> +
> + sts.setWsdlLocation(wsdlLocation);
> + sts.setServiceQName(new QName(
> + HTTP_DOCS_OASIS_OPEN_ORG_WS_SX_WS_TRUST_200512,
> + SECURITY_TOKEN_SERVICE));
> + sts.setEndpointQName(new QName(
> + HTTP_DOCS_OASIS_OPEN_ORG_WS_SX_WS_TRUST_200512,
> wsdlEndpoint));
> +
> + if (this.claimsRequired) {
> + addClaims(wtrealm, bus, sts);
> + }
> +
> + sts.setOnBehalfOf(credentials.getToken());
> +
> + String rpToken = sts.requestSecurityTokenResponse(wtrealm);
> +
> + LOG.info("Token [RP_TOKEN] produced succesfully.");
> + return StringEscapeUtils.escapeXml(rpToken);
> + }
> +
> + private void addClaims(String wtrealm, Bus bus, IdpSTSClient sts)
> + throws ParserConfigurationException, XMLStreamException {
> + List<String> realmClaims = null;
> + ApplicationContext ctx = (ApplicationContext) bus
> + .getExtension(ApplicationContext.class);
> +
> + @SuppressWarnings("unchecked")
> + Map<String, List<String>> realmClaimsMap = (Map<String,
> List<String>>) ctx
> + .getBean(REALM_TO_CLAIMS_MAP);
> + realmClaims = realmClaimsMap.get(wtrealm);
> + if (realmClaims != null && realmClaims.size() > 0
> + && LOG.isDebugEnabled()) {
> + LOG.debug("claims for realm " + wtrealm);
> + for (String item : realmClaims) {
> + LOG.debug(" " + item);
> + }
> + }
> + Element claims = createClaimsElement(realmClaims);
> + if (claims != null) {
> + sts.setClaims(claims);
> + }
> + }
> +
> + private void paramTokenType(IdpSTSClient sts) {
> + if (tokenType == null) {
> + sts.setTokenType(WSConstants.WSS_SAML2_TOKEN_TYPE);
> + } else {
> + sts.setTokenType(tokenType);
> + }
> + }
> +
> + private Element createClaimsElement(List<String> realmClaims)
> + throws ParserConfigurationException, XMLStreamException {
> + if (realmClaims == null || realmClaims.size() == 0) {
> + return null;
> + }
> +
> + W3CDOMStreamWriter writer = new W3CDOMStreamWriter();
> + writer.writeStartElement("wst", "Claims", STSUtils.WST_NS_05_12);
> + writer.writeNamespace("wst", STSUtils.WST_NS_05_12);
> + writer.writeNamespace("ic",
> + HTTP_SCHEMAS_XMLSOAP_ORG_WS_2005_05_IDENTITY);
> + writer.writeAttribute("Dialect",
> + HTTP_SCHEMAS_XMLSOAP_ORG_WS_2005_05_IDENTITY);
> +
> + if (realmClaims != null && realmClaims.size() > 0) {
> + for (String item : realmClaims) {
> + LOG.debug("claim: " + item);
> + writer.writeStartElement("ic", "ClaimType",
> + HTTP_SCHEMAS_XMLSOAP_ORG_WS_2005_05_IDENTITY);
> + writer.writeAttribute("Uri", item);
> + writer.writeEndElement();
> + }
> + }
> +
> + writer.writeEndElement();
> +
> + return writer.getDocument().getDocumentElement();
> + }
> +
> + private synchronized void setSTSWsdlUrl(String wsdlUrl) {
> + this.wsdlLocation = wsdlUrl;
> + this.isPortSet = true;
> + }
> +}
>
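Review bot: In submit(SecurityToken credentials, String wtrealm), nothing rejects a wtrealm that has no entry in realm2ClaimsMap. addClaims() gets null from realmClaimsMap.get(wtrealm), createClaimsElement() returns null, and sts.requestSecurityTokenResponse(wtrealm) is still called on behalf of the authenticated user. The flow feeds wtrealm from the request parameters, so I would fail here for an unknown realm unless the STS is documented as the place that enforces it. Separately, setWsdlLocation() and the !isPortSet block only log MalformedURLException and carry on with the bad value, and isPortSet/wsdlLocation are read unsynchronized while setSTSWsdlUrl() is synchronized. Failing fast in the setter and making the two fields volatile (or resolving the port once) would be cleaner.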
> Added:
> cxf/fediz/trunk/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/WfreshParser.java
> URL:
> http://svn.apache.org/viewvc/cxf/fediz/trunk/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/WfreshParser.java?rev=1462277&view=auto
>
> ==============================================================================
> ---
> cxf/fediz/trunk/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/WfreshParser.java
> (added)
> +++
> cxf/fediz/trunk/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/WfreshParser.java
> Thu Mar 28 19:53:35 2013
> @@ -0,0 +1,52 @@
> +/**
> + * Licensed to the Apache Software Foundation (ASF) under one
> + * or more contributor license agreements. See the NOTICE file
> + * distributed with this work for additional information
> + * regarding copyright ownership. The ASF licenses this file
> + * to you under the Apache License, Version 2.0 (the
> + * "License"); you may not use this file except in compliance
> + * with the License. You may obtain a copy of the License at
> + *
> + * http://www.apache.org/licenses/LICENSE-2.0
> + *
> + * Unless required by applicable law or agreed to in writing,
> + * software distributed under the License is distributed on an
> + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
> + * KIND, either express or implied. See the License for the
> + * specific language governing permissions and limitations
> + * under the License.
> + */
> +package org.apache.cxf.fediz.service.idp.beans;
> +
> +import java.util.Date;
> +import org.apache.cxf.ws.security.tokenstore.SecurityToken;
> +import org.slf4j.Logger;
> +import org.slf4j.LoggerFactory;
> +
> +/**
> + * This class is responsible to parse 'wfresh' parameter
> + * @author T.Beucher
> + */
> +
> +public class WfreshParser {
> +
> + private static final Logger LOG = LoggerFactory
> + .getLogger(WfreshParser.class);
> +
> + public boolean authenticationRequired(SecurityToken idpToken, String
> wfresh)
> + throws Exception {
> + long ttl = Long.parseLong(wfresh);
> + if (ttl > 0) {
> + Date createdDate = idpToken.getCreated();
> + Date expiryDate = new Date();
> + expiryDate.setTime(createdDate.getTime() + (ttl * 60L *
> 1000L));
> + if (expiryDate.before(new Date())) {
> + LOG.info("IDP token is valid but relying party requested
> new authentication via wfresh: " + wfresh);
> + return true;
> + }
> + } else {
> + LOG.info("wfresh value of " + wfresh + " is invalid");
> + }
> + return false;
> + }
> +}
>
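Review bot: authenticationRequired() passes wfresh straight to Long.parseLong, so a non-numeric or empty value raises NumberFormatException out of the method (hidden behind "throws Exception") instead of being handled as an invalid parameter. The value originates from the request, so catch NumberFormatException and decide explicitly whether a malformed wfresh means re-authenticate or bad request. The else branch also logs 0 as invalid and returns false, so callers have to handle wfresh=0 themselves before calling this; that deserves a Javadoc line.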
> Added:
> cxf/fediz/trunk/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/util/WebUtils.java
> URL:
> http://svn.apache.org/viewvc/cxf/fediz/trunk/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/util/WebUtils.java?rev=1462277&view=auto
>
> ==============================================================================
> ---
> cxf/fediz/trunk/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/util/WebUtils.java
> (added)
> +++
> cxf/fediz/trunk/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/util/WebUtils.java
> Thu Mar 28 19:53:35 2013
> @@ -0,0 +1,177 @@
> +/**
> + * Licensed to the Apache Software Foundation (ASF) under one
> + * or more contributor license agreements. See the NOTICE file
> + * distributed with this work for additional information
> + * regarding copyright ownership. The ASF licenses this file
> + * to you under the Apache License, Version 2.0 (the
> + * "License"); you may not use this file except in compliance
> + * with the License. You may obtain a copy of the License at
> + *
> + * http://www.apache.org/licenses/LICENSE-2.0
> + *
> + * Unless required by applicable law or agreed to in writing,
> + * software distributed under the License is distributed on an
> + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
> + * KIND, either express or implied. See the License for the
> + * specific language governing permissions and limitations
> + * under the License.
> + */
> +package org.apache.cxf.fediz.service.idp.util;
> +
> +import javax.servlet.http.HttpServletRequest;
> +import javax.servlet.http.HttpServletResponse;
> +import javax.servlet.http.HttpSession;
> +
> +import org.springframework.util.Assert;
> +import org.springframework.webflow.context.servlet.ServletExternalContext;
> +import org.springframework.webflow.execution.RequestContext;
> +
> +/**
> + * @author fr17993
> + * Utility class to bind with webflow artifacts
> + */
> +public final class WebUtils {
> +
> + private WebUtils() {
> + super();
> + }
> +
> + public static HttpServletRequest getHttpServletRequest(
> + final RequestContext context) {
> + Assert.isInstanceOf(ServletExternalContext.class,
> + context.getExternalContext(),
> + "Cannot obtain HttpServletRequest from event of type: "
> + +
> context.getExternalContext().getClass().getName());
> + return (HttpServletRequest) context.getExternalContext()
> + .getNativeRequest();
> + }
> +
> + public static HttpSession getHttpSession(final RequestContext
> context) {
> + HttpServletRequest httpServletRequest =
> getHttpServletRequest(context);
> + return httpServletRequest.getSession();
> + }
> +
> + public static HttpServletResponse getHttpServletResponse(
> + final RequestContext context) {
> + Assert.isInstanceOf(ServletExternalContext.class,
> + context.getExternalContext(),
> + "Cannot obtain HttpServletResponse from event of type: "
> + +
> context.getExternalContext().getClass().getName());
> + return (HttpServletResponse) context.getExternalContext()
> + .getNativeResponse();
> + }
> +
> + public static void putAttributeInRequestScope(final RequestContext
> context,
> + final String attributeKey, final Object attributeValue) {
> + context.getRequestScope().put(attributeKey, attributeValue);
> + }
> +
> + public static void putAttributeInExternalContext(
> + final RequestContext context, final String attributeKey,
> + final Object attributeValue) {
> + context.getExternalContext().getSessionMap()
> + .put(attributeKey, attributeValue);
> + }
> +
> + /**
> + * put attribute in request or in session depending on storeInSession.
> + *
> + * @param context
> + * @param attributeKey
> + * @return
> + */
> + public static void putAttribute(final RequestContext context,
> + final String attributeKey, final Object attributeValue,
> + boolean storeInSession) {
> + // Object oldValue = null;
> + if (storeInSession) {
> + // oldValue = getAttributeFromExternalContext(context,
> + // attributeKey);
> + putAttributeInExternalContext(context, attributeKey,
> attributeValue);
> + } else {
> + // oldValue = getAttributeFromRequestScope(context,
> attributeKey);
> + putAttributeInRequestScope(context, attributeKey,
> attributeValue);
> + }
> + // return oldValue;
> + }
> +
> + public static Object getAttributeFromRequestScope(
> + final RequestContext context, final String attributeKey) {
> + return context.getRequestScope().getString(attributeKey);
> + }
> +
> + public static Object getAttributeFromExternalContext(
> + final RequestContext context, final String attributeKey) {
> + return context.getExternalContext().getSessionMap()
> + .getString(attributeKey);
> + }
> +
> + /**
> + * get attribute from request; if not found get it from session.
> + *
> + * @param context
> + * @param attributeKey
> + * @return
> + */
> + public static Object getAttribute(final RequestContext context,
> + final String attributeKey) {
> + Object value = getAttributeFromRequestScope(context,
> attributeKey);
> + if (value != null) {
> + return value;
> + }
> + return getAttributeFromExternalContext(context, attributeKey);
> + }
> +
> + public static Object removeAttributeFromRequestScope(
> + final RequestContext context, final String attributeKey) {
> + return context.getRequestScope().remove(attributeKey);
> + }
> +
> + public static Object removeAttributeFromExternalContext(
> + final RequestContext context, final String attributeKey) {
> + return context.getExternalContext().getSessionMap()
> + .remove(attributeKey);
> + }
> +
> + /**
> + * remove attribute from request and session.
> + *
> + * @param context
> + * @param attributeKey
> + * @return
> + */
> + public static Object removeAttribute(final RequestContext context,
> + final String attributeKey) {
> + Object valueReq = removeAttributeFromRequestScope(context,
> attributeKey);
> + Object valueSes = removeAttributeFromExternalContext(context,
> + attributeKey);
> + if (valueSes != null) {
> + return valueSes; // not clean if request has different value !
> + }
> + if (valueReq != null) {
> + return valueReq;
> + }
> + return null;
> + }
> +
> + public static void putAttributeInFlowScope(final RequestContext
> context,
> + final String attributeKey, final String attributeValue) {
> + context.getFlowScope().put(attributeKey, attributeValue);
> + }
> +
> + public static String getAttributeFromFlowScope(
> + final RequestContext context, final String attributeKey) {
> + return context.getFlowScope().getString(attributeKey);
> + }
> +
> + public static Object removeAttributeFromFlowScope(
> + final RequestContext context, final String attributeKey) {
> + return context.getFlowScope().remove(attributeKey);
> + }
> +
> + public static String getParamFromRequestParameters(
> + final RequestContext context, final String attributeKey) {
> + return context.getRequestParameters().get(attributeKey);
> + }
> +
> +}
>
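Review bot: getAttributeFromRequestScope() and getAttributeFromExternalContext() are declared to return Object but read with getString(attributeKey), while the matching put methods accept any Object. Web Flow's getString() throws IllegalArgumentException when the stored value is not a String, so a non-String value (a SecurityToken, for example) stored through putAttribute() cannot be read back through getAttribute(). Use get(attributeKey) in these two methods, or narrow the put signatures to String as putAttributeInFlowScope() does. Minor: the Javadoc on putAttribute() carries an @return on a void method, and getHttpSession() always creates a session via getSession().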
> Modified: cxf/fediz/trunk/services/idp/src/main/resources/log4j.properties
> URL:
> http://svn.apache.org/viewvc/cxf/fediz/trunk/services/idp/src/main/resources/log4j.properties?rev=1462277&r1=1462276&r2=1462277&view=diff
>
> ==============================================================================
> --- cxf/fediz/trunk/services/idp/src/main/resources/log4j.properties
> (original)
> +++ cxf/fediz/trunk/services/idp/src/main/resources/log4j.properties Thu
> Mar 28 19:53:35 2013
> @@ -1,6 +1,6 @@
> # Set root category priority to INFO and its only appender to CONSOLE.
> -log4j.rootCategory=FATAL, CONSOLE
> -#log4j.rootCategory=DEBUG, CONSOLE
> +#log4j.rootCategory=FATAL, CONSOLE
> +log4j.rootCategory=DEBUG, CONSOLE
>
> # CONSOLE is set to be a ConsoleAppender using a PatternLayout.
> log4j.appender.CONSOLE=org.apache.log4j.ConsoleAppender
>
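Review bot: DEBUG on the root category should not be the committed default in the IDP's log4j.properties. For a service that handles usernames, passwords and security tokens, root-level DEBUG should stay an opt-in for developers; the swap of the commented and uncommented rootCategory lines looks like a leftover from working on the branch. Suggest keeping the DEBUG line commented out, and fixing the comment on the first line, which says INFO and matches neither setting.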
> Modified:
> cxf/fediz/trunk/services/idp/src/main/resources/logging.properties
> URL:
> http://svn.apache.org/viewvc/cxf/fediz/trunk/services/idp/src/main/resources/logging.properties?rev=1462277&r1=1462276&r2=1462277&view=diff
>
> ==============================================================================
> --- cxf/fediz/trunk/services/idp/src/main/resources/logging.properties
> (original)
> +++ cxf/fediz/trunk/services/idp/src/main/resources/logging.properties Thu
> Mar 28 19:53:35 2013
> @@ -39,6 +39,7 @@ java.util.logging.FileHandler.formatter
>
> # Limit the message that are printed on the console to WARNING and above.
> java.util.logging.ConsoleHandler.level = FINEST
> +java.util.logging.SimpleFormatter.format="IDP %1$tc %2$s%n%4$s:
> %5$s%6$s%n"
> java.util.logging.ConsoleHandler.formatter =
> java.util.logging.SimpleFormatter
>
>
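Review bot: The value of java.util.logging.SimpleFormatter.format is wrapped in double quotes, but properties files do not strip quotes, so both quote characters become part of the format string and are printed with every record. Drop the quotes. The context comment above still says the console is limited to WARNING and above while ConsoleHandler.level is FINEST; worth correcting while this block is being touched.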
> @@ -50,4 +51,6 @@ java.util.logging.ConsoleHandler.formatt
> # For example, set the com.xyz.foo logger to only log SEVERE
> # messages:
> #com.xyz.foo.level = SEVERE
> -org.apache.cxf.fediz.service.idp.level = FINEST
> +org.apache.cxf.fediz.service.idp.level = FINE
> +org.springframework.web.level = FINE
> +org.springframework.webflow.level = FINE
> \ No newline at end of file
>
> Modified:
> cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/applicationContext.xml
> URL:
> http://svn.apache.org/viewvc/cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/applicationContext.xml?rev=1462277&r1=1462276&r2=1462277&view=diff
>
> ==============================================================================
> ---
> cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/applicationContext.xml
> (original)
> +++
> cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/applicationContext.xml
> Thu Mar 28 19:53:35 2013
> @@ -33,7 +33,7 @@
> </sec:trustManagers>
> </http:tlsClientParameters>
> </http:conduit>
> -
> +
> <import resource="RPClaims.xml" />
>
> </beans>
>
> Added:
> cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/federation-webflow.xml
> URL:
> http://svn.apache.org/viewvc/cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/federation-webflow.xml?rev=1462277&view=auto
>
> ==============================================================================
> ---
> cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/federation-webflow.xml
> (added)
> +++
> cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/federation-webflow.xml
> Thu Mar 28 19:53:35 2013
> @@ -0,0 +1,144 @@
> +<?xml version="1.0" encoding="UTF-8"?>
> +<flow xmlns="http://www.springframework.org/schema/webflow"
> + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
> + xsi:schemaLocation="http://www.springframework.org/schema/webflow
> +
> http://www.springframework.org/schema/webflow/spring-webflow-2.0.xsd">
> +
> + <on-start>
> + <evaluate
> expression="initialFlowSetupAction.submit(flowRequestContext)" />
> + </on-start>
> +
> + <!-- protocol check -->
> + <decision-state id="WSFederationRequestCheck">
> + <on-entry>
> + <set name="externalContext.sessionMap['wtrealm']"
> value="requestParameters.wtrealm" />
> + <set name="externalContext.sessionMap['wreply']"
> value="requestParameters.wreply" />
> + <set name="externalContext.sessionMap['wctx']"
> value="requestParameters.wctx" />
> + </on-entry>
> + <if test="requestParameters.wa == null" then="viewBadRequest" />
> + <if test="requestParameters.wa != 'wsignin1.0' and
> requestParameters.wa != 'wsignout1.0' and requestParameters.wa !=
> 'wsignoutcleanup1.0'" then="viewBadRequest" />
> + <if test="requestParameters.wa == 'wsignout1.0' or
> requestParameters.wa == 'wsignoutcleanup1.0'"
> then="invalidateSessionAction" />
> + <if test="requestParameters.wtrealm == null or
> requestParameters.wtrealm.length() == 0" then="viewBadRequest" />
> +
> + <if test="externalContext.sessionMap['IDP_TOKEN'] == null"
> then="authenticationRequired" />
> + <if test="externalContext.sessionMap['IDP_TOKEN'].isExpired() ==
> true" then="authenticationRequired" />
> + <if test="requestParameters.wfresh != null and
> requestParameters.wfresh.equals('0')" then="authenticationRequired"
> else="rpTokenAction" />
> + </decision-state>
> +
> + <!-- select authentication support type -->
> + <decision-state id="authenticationRequired">
> + <on-entry>
> + <set name="externalContext.sessionMap['IDP_TOKEN']"
> value="null" />
> + </on-entry>
> + <if test="flowScope['idp.authSupportType'] == 'FORM'"
> then="formAuthenticationView" />
> + <if test="flowScope['idp.authSupportType'] == 'BASIC'"
> then="basicAuthenticationCheck" else="viewBadRequest" />
> + </decision-state>
> +
> + <!-- display authentication form 'signinform.jsp' (username/password
> credentials) -->
> + <view-state id="formAuthenticationView" view="signinform"
> model="usernamePasswordCredentials">
> + <var name="usernamePasswordCredentials"
> +
> class="org.apache.cxf.fediz.service.idp.UsernamePasswordCredentials" />
> + <binder>
> + <binding property="username" />
> + <binding property="password" />
> + </binder>
> + <on-entry>
> + <evaluate
> expression="externalContext.nativeResponse.setHeader('Cache-Control',
> 'no-store, no-cache, must-revalidate, private')" />
> + </on-entry>
> + <transition on="authenticate" bind="true" validate="true"
> to="idpUsernamePasswordTokenAction">
> + <set name="flowScope.usernamePasswordCredentials"
> value="usernamePasswordCredentials" />
> + </transition>
> + </view-state>
> +
> + <!-- check basic authentication state -->
> + <decision-state id="basicAuthenticationCheck">
> + <if
> test="externalContext.nativeRequest.getHeader('Authorization') == null"
> then="basicAuthenticationRequested" else="decodeBasicAuthenticationAction"
> />
> + </decision-state>
> +
> + <!-- force basic authentication, exits with Http 401 Unauthorized -->
> + <!-- warning : flow ends here. Decoding returned 'Authorization'
> header will be done by an other execution instance of flow (see
> 'decodeBasicAuthenticationAction') -->
> + <end-state id="basicAuthenticationRequested" view="genericerror">
> + <on-entry>
> + <evaluate
> expression="externalContext.nativeResponse.setHeader('WWW-Authenticate',
> 'Basic realm='+flowScope.idpName)" />
> + <evaluate
> expression="externalContext.nativeResponse.setHeader('Cache-Control',
> 'no-store, no-cache, must-revalidate, private')" />
> + <evaluate
> expression="externalContext.nativeResponse.setStatus(401,'Invalid
> credentials')" />
> + <set name="requestScope.reason" value="'Invalid credentials'"
> />
> + </on-entry>
> + </end-state>
> +
> + <!-- decode returned 'Authorization' header -->
> + <action-state id="decodeBasicAuthenticationAction">
> + <evaluate
> expression="decodeAuthorizationHeaderAction.submit(flowRequestContext)"
> + result="flowScope.usernamePasswordCredentials"
> +
> result-type="org.apache.cxf.fediz.service.idp.UsernamePasswordCredentials"
> />
> + <transition to="idpUsernamePasswordTokenAction" />
> + <transition on-exception="java.lang.Throwable"
> to="scInternalServerError" />
> + </action-state>
> +
> + <!-- Receiving username/password as credentials, produce IDP security
> token (as SecurityToken type) and store it in session -->
> + <!-- catch SoapFault in case of wrong credentials to redirect the
> flow -->
> + <action-state id="idpUsernamePasswordTokenAction">
> + <evaluate
> expression="stsClientForIdpAction.submit(flowScope.usernamePasswordCredentials,flowRequestContext)"
> + result="flowScope.idpToken"
> +
> result-type="org.apache.cxf.ws.security.tokenstore.SecurityToken" />
> + <transition on="success" to="rpTokenAction">
> + <set name="externalContext.sessionMap['IDP_TOKEN']"
> value="flowScope.idpToken" />
> + <set name="externalContext.sessionMap['IDP_PRINCIPAL']"
> value="flowScope.usernamePasswordCredentials.username" />
> + </transition>
> + <transition on-exception="org.apache.cxf.binding.soap.SoapFault"
> to="authenticationFailedSwitch" />
> + <transition on-exception="java.lang.Throwable"
> to="scInternalServerError" />
> + </action-state>
> +
> + <!-- when authentication failed, depending on the authentication
> support type set -->
> + <decision-state id="authenticationFailedSwitch">
> + <if test="flowScope['idp.authSupportType'] == 'FORM'"
> then="formAuthenticationView" />
> + <if test="flowScope['idp.authSupportType'] == 'BASIC'"
> then="basicAuthenticationRequested" />
> + </decision-state>
> +
> + <!-- produce RP security token (as String type) -->
> + <action-state id="rpTokenAction">
> + <evaluate
> expression="stsClientForRpAction.submit(externalContext.sessionMap['IDP_TOKEN'],
> externalContext.sessionMap['wtrealm'])"
> + result="flowScope.rpToken"
> + result-type="java.lang.String" />
> + <transition to="formResponseView" />
> + <transition on-exception="java.lang.Throwable"
> to="scInternalServerError" />
> + </action-state>
> +
> + <!-- normal exit point for login -->
> + <!-- browser redirection (self-submitted form
> 'signinresponseform.jsp') -->
> + <end-state id="formResponseView" view="signinresponseform">
> + <on-entry>
> + <evaluate expression="externalContext.sessionMap['wreply']"
> result="requestScope.fedAction" />
> + <evaluate expression="externalContext.sessionMap['wtrealm']"
> result="requestScope.fedWTrealm" />
> + <evaluate expression="externalContext.sessionMap['wctx']"
> result="requestScope.fedWCtx" />
> + <evaluate expression="flowScope.rpToken"
> result="requestScope.fedWResult" />
> + </on-entry>
> + </end-state>
> +
> + <!-- abnormal exit point : Http 400 Bad Request -->
> + <end-state id="viewBadRequest" view="genericerror">
> + <on-entry>
> + <evaluate
> expression="externalContext.nativeResponse.setStatus(400,flowRequestContext.currentTransition.toString())"
> />
> + <set name="requestScope.reason"
> value="flowRequestContext.currentTransition" />
> + </on-entry>
> + </end-state>
> +
> + <!-- abnormal exit point : Http 500 Internal Server Error -->
> + <end-state id="scInternalServerError" view="genericerror">
> + <on-entry>
> + <evaluate
> expression="externalContext.nativeResponse.setStatus(500,'IDP is
> unavailable, please contact the administrator')" />
> + <set name="requestScope.reason" value="'IDP is unavailable,
> please contact the administrator'" />
> + </on-entry>
> + </end-state>
> +
> + <!-- invalidate IDP session -->
> + <action-state id="invalidateSessionAction">
> + <evaluate expression="logoutAction.submit(flowRequestContext)" />
> + <transition on="success" to="endLogout" />
> + <transition on-exception="java.lang.Throwable"
> to="scInternalServerError" />
> + </action-state>
> +
> + <!-- normal exit point for logout -->
> + <end-state id="endLogout" view="signoutresponse" />
> +
> +</flow>
>
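
Review bot: In the formResponseView end-state, externalContext.sessionMap['wreply'] is copied straight into requestScope.fedAction, which signinresponseform.jsp uses as the POST target for the issued token, and nothing in these lines checks that the reply address belongs to the wtrealm it was requested for. Validate wreply against the endpoints registered for the realm before this state is entered, and route a mismatch to viewBadRequest. Separately, both error end-states call setStatus(int, String), which the Servlet API deprecated because of the ambiguous message parameter; sendError or the one-argument setStatus is the cleaner call.
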
> Added:
> cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/genericerror.jsp
> URL:
> http://svn.apache.org/viewvc/cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/genericerror.jsp?rev=1462277&view=auto
>
> ==============================================================================
> --- cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/genericerror.jsp
> (added)
> +++ cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/genericerror.jsp
> Thu Mar 28 19:53:35 2013
> @@ -0,0 +1,11 @@
> +<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "
> http://www.w3.org/TR/html4/loose.dtd">
> +<html>
> +<head>
> +<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
> +<title>IDP generic error page</title>
> +</head>
> +<body>
> + <h1>Sorry, CXF Fediz IDP cannot satisfy your request.</h1>
> + <p>Reason : ${reason}</p>
> +</body>
> +</html>
> \ No newline at end of file
>
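
Review bot: The line "<p>Reason : ${reason}</p>" writes the value into the page without HTML escaping, and for the 400 case the flow fills requestScope.reason from flowRequestContext.currentTransition, so whatever ends up in that string is rendered as markup. Output it through <c:out value="${reason}"/> or fn:escapeXml so the error page stays safe whatever a later caller puts into reason.
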
> Added: cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/idp-servlet.xml
> URL:
> http://svn.apache.org/viewvc/cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/idp-servlet.xml?rev=1462277&view=auto
>
> ==============================================================================
> --- cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/idp-servlet.xml
> (added)
> +++ cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/idp-servlet.xml
> Thu Mar 28 19:53:35 2013
> @@ -0,0 +1,74 @@
> +<?xml version="1.0" encoding="UTF-8"?>
> +
> +<beans xmlns="http://www.springframework.org/schema/beans"
> + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
> + xmlns:webflow="
> http://www.springframework.org/schema/webflow-config"
> + xmlns:p="http://www.springframework.org/schema/p"
> + xsi:schemaLocation="http://www.springframework.org/schema/beans
> http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
> + http://www.springframework.org/schema/webflow-config
> http://www.springframework.org/schema/webflow-config/spring-webflow-config-2.0.xsd
> ">
> +
> + <bean class="org.springframework.webflow.mvc.servlet.FlowHandlerMapping"
> + p:flowRegistry-ref="flowRegistry"
> + p:order="2">
> +<!-- <property name="interceptors"> -->
> +<!-- <ref local="localeChangeInterceptor" /> -->
> +<!-- </property> -->
> + </bean>
> +
> + <bean
> class="org.springframework.webflow.mvc.servlet.FlowHandlerAdapter"
> + p:flowExecutor-ref="flowExecutor" />
> +
> + <webflow:flow-executor id="flowExecutor" flow-registry="flowRegistry">
> + <webflow:flow-execution-attributes>
> + <webflow:always-redirect-on-pause value="false" />
> + </webflow:flow-execution-attributes>
> + </webflow:flow-executor>
> +
> + <webflow:flow-registry id="flowRegistry"
> flow-builder-services="builder">
> + <webflow:flow-location path="/WEB-INF/federation-webflow.xml"
> id="federation" />
> + </webflow:flow-registry>
> +
> + <webflow:flow-builder-services id="builder"
> view-factory-creator="viewFactoryCreator"
> + expression-parser="expressionParser"/>
> +
> + <bean id="expressionParser"
> class="org.springframework.webflow.expression.WebFlowOgnlExpressionParser"
> />
> +
> + <bean id="viewFactoryCreator"
> class="org.springframework.webflow.mvc.builder.MvcViewFactoryCreator">
> + <property name="viewResolvers">
> + <list>
> + <ref local="viewResolver" />
> + </list>
> + </property>
> + </bean>
> +
> + <bean id="viewResolver"
> class="org.springframework.web.servlet.view.InternalResourceViewResolver">
> + <property name="prefix" value="/WEB-INF/"/>
> + <property name="suffix" value=".jsp"/>
> + </bean>
> +
> + <bean id="stsClientForIdpAction"
> class="org.apache.cxf.fediz.service.idp.beans.STSClientAction">
> + <property name="wsdlLocation" value="
> https://localhost:0/fediz-idp-sts/STSService?wsdl"/>
> + <property name="wsdlEndpoint" value="TransportUT_Port"/>
> + <property name="appliesTo" value="urn:fediz:idp"/>
> + <property name="tokenType" value="
> http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0
> "/>
> + <property name="claimsRequired" value="true"/>
> + </bean>
> +
> + <bean id="stsClientForRpAction"
> class="org.apache.cxf.fediz.service.idp.beans.STSClientAction">
> + <property name="wsdlLocation" value="
> https://localhost:9443/fediz-idp-sts/STSServiceTransport?wsdl"/>
> + <property name="wsdlEndpoint" value="Transport_Port"/>
> + <property name="tokenType" value="
> http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0
> "/>
> + <property name="claimsRequired" value="true"/>
> + </bean>
> +
> + <bean id="logoutAction"
> class="org.apache.cxf.fediz.service.idp.beans.LogoutAction" />
> +
> + <bean id="decodeAuthorizationHeaderAction"
> class="org.apache.cxf.fediz.service.idp.beans.DecodeAuthorizationHeaderAction"
> />
> +
> + <bean id="initialFlowSetupAction"
> class="org.apache.cxf.fediz.service.idp.beans.InitialFlowSetupAction" >
> +<!-- <property name="authSupportType" value="FORM" /> -->
> + <property name="authSupportType" value="BASIC" />
> + <property name="idpName" value="LocalIDP" />
> + </bean>
> +
> +</beans>
>
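
Review bot: The two STSClientAction beans disagree on the STS port: stsClientForIdpAction points at https://localhost:0/fediz-idp-sts/STSService?wsdl while stsClientForRpAction hard-codes https://localhost:9443/fediz-idp-sts/STSServiceTransport?wsdl, whereas the web.xml filter configuration removed in this commit used localhost:0 for both. Use the same value, or one property placeholder, in both beans so the IDP does not depend on the STS listening on one fixed port. The commented-out interceptors property and the commented-out authSupportType FORM line should either be removed or get a comment saying when to enable them.
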
> Modified:
> cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/signinform.jsp
> URL:
> http://svn.apache.org/viewvc/cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/signinform.jsp?rev=1462277&r1=1462276&r2=1462277&view=diff
>
> ==============================================================================
> --- cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/signinform.jsp
> (original)
> +++ cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/signinform.jsp
> Thu Mar 28 19:53:35 2013
> @@ -1,43 +1,18 @@
> -<%@ page import="java.util.Set"%>
> -<%@ page import="java.util.HashSet"%>
> -<%@ page import="java.lang.reflect.Field"%>
> -<%@ page import="org.apache.cxf.fediz.service.idp.FederationFilter"%>
> -<%@ page
> import="org.apache.cxf.fediz.service.idp.HttpFormAuthenticationFilter"%>
> -<%@ page import="org.apache.cxf.fediz.service.idp.IdpServlet"%>
> -
> -<%@ page language="java" contentType="text/html; charset=ISO-8859-1"
> pageEncoding="ISO-8859-1"%>
> -
> <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "
> http://www.w3.org/TR/html4/loose.dtd">
> +<%@ taglib prefix="spring" uri="http://www.springframework.org/tags" %>
> +<%@ taglib prefix="form" uri="http://www.springframework.org/tags/form"
> %>
> <html>
> <head>
> <title>IDP SignIn Request Form</title>
> </head>
> <body>
> - <form method="POST" name="signinform">
> - <%--
> - Replicating the context.
> - --%>
> - <%
> - Set<String> ctx = new HashSet<String>();
> - Field[] fields = FederationFilter.class.getFields();
> - for (Field f : fields) {
> - if(f.getName().startsWith("PARAM_") &&
> String.class.equals(f.getType())) {
> - String key = (String) f.get(null);
> - Object value = request.getAttribute(key);
> - if(null != value && value instanceof
> String) {
> - %>
> - <input type="hidden" name="<%=key%>" value="<%=value%>"
> readonly="readonly" />
> - <%
> - }
> - }
> - }
> - %>
> - <input type="hidden"
> name="<%=HttpFormAuthenticationFilter.PARAM_TAG%>"
> value="<%=HttpFormAuthenticationFilter.PARAM_TAG%>" readonly="readonly" />
> - userid :
> - <input type="text"
> name="<%=HttpFormAuthenticationFilter.PARAM_USERNAME%>" size="32" /><br />
> - password :
> - <input type="password"
> name="<%=HttpFormAuthenticationFilter.PARAM_PASSWORD%>" size="32" /><br />
> - <input type="submit" value="Authenticate" />
> - </form>
> + <h1>IDP SignIn Request Form</h1>
> + <form:form method="POST" id="signinform" name="signinform" >
> + <br />
> + userid : <input type="text" name="username" size="32"
> /><br />
> + password : <input type="password" name="password"
> size="32" /><br />
> + <input type="hidden" id="execution" name="execution"
> value="${flowExecutionKey}"/>
> + <input type="submit" name="_eventId_authenticate"
> value="Authenticate" /><br />
> + </form:form>
> </body>
> </html>
> \ No newline at end of file
>
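
Review bot: The credential form no longer declares its encoding, because the page directive that set contentType and pageEncoding to ISO-8859-1 is removed at the top of the file and no replacement appears in the added lines. Restore a page directive (ideally with an explicit charset that matches the other new JSPs) above the DOCTYPE. The spring taglib is declared but not used anywhere in the new markup and can be dropped.
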
> Added:
> cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/signinresponseform.jsp
> URL:
> http://svn.apache.org/viewvc/cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/signinresponseform.jsp?rev=1462277&view=auto
>
> ==============================================================================
> ---
> cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/signinresponseform.jsp
> (added)
> +++
> cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/signinresponseform.jsp
> Thu Mar 28 19:53:35 2013
> @@ -0,0 +1,21 @@
> +<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "
> http://www.w3.org/TR/html4/loose.dtd">
> +<%@ taglib prefix="spring" uri="http://www.springframework.org/tags" %>
> +<%@ taglib prefix="form" uri="http://www.springframework.org/tags/form"
> %>
> +<html>
> +<head>
> +<title>IDP SignIn Response Form</title>
> +</head>
> +<body>
> + <form:form method="POST" id="signinresponseform"
> name="signinresponseform" action="${fedAction}" htmlEscape="true">
> + <input type="hidden" name="wa" value="wsignin1.0" /><br />
> + <input type="hidden" name="wresult" value="${fedWResult}" /><br />
> + <input type="hidden" name="wctx" value="${fedWCtx}" /><br />
> + <input type="hidden" name="wtrealm" value="${fedWTrealm}" /><br />
> + <noscript>
> + <p>Script is disabled. Click Submit to continue.</p>
> + <input type="submit" name="_eventId_submit" value="Submit"
> /><br />
> + </noscript>
> + </form:form>
> + <script
> language="javascript">window.setTimeout('document.forms[0].submit()',0);</script>
> +</body>
> +</html>
>
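
Review bot: The hidden inputs wresult, wctx and wtrealm are plain HTML with raw ${...} values, so htmlEscape="true" on <form:form> does not cover them; wctx and wtrealm are WS-Federation request parameters and wresult carries XML, so a quote or angle bracket in any of them ends the value attribute early. Unless the values are already escaped before they reach request scope, which is not visible here, emit each one through fn:escapeXml or <c:out>. The auto-submit script would also be cleaner passing a function to window.setTimeout instead of the string 'document.forms[0].submit()', and the language="javascript" attribute is obsolete.
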
> Added:
> cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/signoutresponse.jsp
> URL:
> http://svn.apache.org/viewvc/cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/signoutresponse.jsp?rev=1462277&view=auto
>
> ==============================================================================
> ---
> cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/signoutresponse.jsp
> (added)
> +++
> cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/signoutresponse.jsp
> Thu Mar 28 19:53:35 2013
> @@ -0,0 +1,11 @@
> +<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "
> http://www.w3.org/TR/html4/loose.dtd">
> +<%@ taglib prefix="spring" uri="http://www.springframework.org/tags" %>
> +<%@ taglib prefix="form" uri="http://www.springframework.org/tags/form"
> %>
> +<html>
> +<head>
> +<title>IDP SignOut Response Page</title>
> +</head>
> +<body>
> + <h1>CXF Fediz IDP succesfully logout.</h1>
> +</body>
> +</html>
>
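
Review bot: The heading text "CXF Fediz IDP succesfully logout." has a spelling and grammar slip; "You have been successfully logged out of the CXF Fediz IDP." reads correctly. The spring and form taglib directives are not used on this page and can be removed.
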
> Modified: cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/web.xml
> URL:
> http://svn.apache.org/viewvc/cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/web.xml?rev=1462277&r1=1462276&r2=1462277&view=diff
>
> ==============================================================================
> --- cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/web.xml (original)
> +++ cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/web.xml Thu Mar
> 28 19:53:35 2013
> @@ -1,285 +1,36 @@
> -<web-app xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="
> http://www.w3.org/2001/XMLSchema-instance"
> - xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
> - http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
> - version="3.0" metadata-complete="true">
> -
> - <description>
> - WS Federation Tomcat Example
> - </description>
> - <display-name>WS Federation Tomcat Example</display-name>
> -
> - <filter>
> - <filter-name>FederationFilter</filter-name>
> -
> <filter-class>org.apache.cxf.fediz.service.idp.FederationFilter</filter-class>
> - <!--
> - <init-param>
> - <param-name>pre-state</param-name>
> - <param-value>NOT_AUTHENTICATED</param-value>
> - </init-param>
> - -->
> - <!--
> - <init-param>
> - <param-name>next-state</param-name>
> - <param-value>AUTHENTICATION_REQUIRED</param-value>
> - </init-param>
> - -->
> - <init-param>
> - <param-name>session.token</param-name>
> - <param-value>IDP_TOKEN</param-value>
> - </init-param>
> -
> - </filter>
> -
> - <filter>
> - <filter-name>AuthenticationFilter</filter-name>
> -
> <filter-class>org.apache.cxf.fediz.service.idp.AuthenticationFilter</filter-class>
> - <init-param>
> - <param-name>pre-state</param-name>
> - <param-value>AUTHENTICATION_REQUIRED</param-value>
> - </init-param>
> - </filter>
> -
> - <filter>
> - <filter-name>BasicAuthenticationFilter</filter-name>
> -
> <filter-class>org.apache.cxf.fediz.service.idp.BasicAuthenticationFilter</filter-class>
> - <init-param>
> - <param-name>pre-state</param-name>
> -
> <param-value>USERNAME_PASSWORD_REQUIRED</param-value>
> - </init-param>
> - <init-param>
> - <param-name>next-state</param-name>
> - <param-value>SECURITY_TOKEN_REQUIRED</param-value>
> - </init-param>
> - </filter>
> -
> - <filter>
> - <filter-name>FormAuthenticationFilter</filter-name>
> -
> <filter-class>org.apache.cxf.fediz.service.idp.HttpFormAuthenticationFilter</filter-class>
> - <init-param>
> - <param-name>pre-state</param-name>
> -
> <param-value>USERNAME_PASSWORD_REQUIRED</param-value>
> - </init-param>
> - <init-param>
> - <param-name>next-state</param-name>
> - <param-value>SECURITY_TOKEN_REQUIRED</param-value>
> - </init-param>
> - </filter>
> -
> - <filter>
> - <filter-name>STSClientFilterRequestor</filter-name>
> -
> <filter-class>org.apache.cxf.fediz.service.idp.STSClientFilter</filter-class>
> - <init-param>
> - <param-name>pre-state</param-name>
> - <param-value>SECURITY_TOKEN_REQUIRED</param-value>
> - </init-param>
> - <init-param>
> - <param-name>next-state</param-name>
> - <param-value>SECURITY_TOKEN_REQUIRED</param-value>
> - </init-param>
> - <init-param>
> - <param-name>sts.wsdl.url</param-name>
> - <param-value>
> https://localhost:0/fediz-idp-sts/STSService?wsdl</param-value>
> - </init-param>
> - <init-param>
> - <param-name>sts.wsdl.service</param-name>
> - <param-value>SecurityTokenService</param-value>
> - </init-param>
> - <init-param>
> - <param-name>sts.wsdl.endpoint</param-name>
> - <param-value>TransportUT_Port</param-value>
> - </init-param>
> - <init-param>
> - <param-name>sts.auth-type</param-name>
> - <param-value>USERNAME_PASSWORD</param-value>
> - </init-param>
> - <init-param>
> - <param-name>sts.applies-to</param-name>
> - <param-value>urn:fediz:idp</param-value>
> - </init-param>
> - <init-param>
> - <param-name>token.store.name</param-name>
> - <param-value>IDP_TOKEN</param-value>
> - </init-param>
> - <!--
> - <init-param>
> - <param-name>token.store.session</param-name>
> - <param-value>true</param-value>
> - </init-param>
> - -->
> - <init-param>
> - <param-name>sts.rstr.content-type</param-name>
> - <param-value>TOKEN</param-value>
> - </init-param>
> - <init-param>
> - <param-name>sts.use.wfresh.for.ttl</param-name>
> - <param-value>true</param-value>
> - </init-param>
> - </filter>
> -
> - <filter>
> - <filter-name>STSClientFilterRP</filter-name>
> -
> <filter-class>org.apache.cxf.fediz.service.idp.STSClientFilter</filter-class>
> - <init-param>
> - <param-name>pre-state</param-name>
> - <param-value>SECURITY_TOKEN_REQUIRED</param-value>
> - </init-param>
> - <init-param>
> - <param-name>next-state</param-name>
> - <param-value>AUTHENTICATED</param-value>
> - </init-param>
> - <init-param>
> - <param-name>sts.wsdl.url</param-name>
> - <param-value>
> https://localhost:0/fediz-idp-sts/STSServiceTransport?wsdl</param-value>
> - </init-param>
> - <init-param>
> - <param-name>sts.wsdl.service</param-name>
> - <param-value>SecurityTokenService</param-value>
> - </init-param>
> - <init-param>
> - <param-name>sts.wsdl.endpoint</param-name>
> - <param-value>Transport_Port</param-value>
> - </init-param>
> - <init-param>
> - <param-name>sts.auth-type</param-name>
> - <param-value>NONE</param-value>
> - </init-param>
> - <init-param>
> - <param-name>sts.applies-to</param-name>
> - <param-value>$wtrealm</param-value>
> - </init-param>
> - <init-param>
> - <param-name>sts.onbehalfof.token.name</param-name>
> - <param-value>IDP_TOKEN</param-value>
> - </init-param>
> - <init-param>
> - <param-name>token.store.name</param-name>
> - <param-value>RP_TOKEN</param-value>
> - </init-param>
> - <init-param>
> - <param-name>sts.rstr.content-type</param-name>
> - <param-value>RSTR</param-value>
> - </init-param>
> - <init-param>
> - <param-name>sts.claims.required</param-name>
> - <param-value>true</param-value>
> - </init-param>
> - </filter>
> -
> - <filter>
> - <filter-name>FederationPostFilter</filter-name>
> -
> <filter-class>org.apache.cxf.fediz.service.idp.FederationPostFilter</filter-class>
> - <init-param>
> - <param-name>pre-state</param-name>
> - <param-value>AUTHENTICATED</param-value>
> - </init-param>
> - <init-param>
> - <param-name>next-state</param-name>
> - <param-value>AUTHENTICATED</param-value>
> - </init-param>
> - <init-param>
> - <param-name>token.store.name</param-name>
> - <param-value>RP_TOKEN</param-value>
> - </init-param>
> - </filter>
> -
> - <filter>
> - <filter-name>LogoutFilter</filter-name>
> -
> <filter-class>org.apache.cxf.fediz.service.idp.LogoutFilter</filter-class>
> - <init-param>
> - <param-name>pre-state</param-name>
> - <param-value>AUTHENTICATED</param-value>
> - </init-param>
> - <init-param>
> - <param-name>logout.uri</param-name>
> - <param-value>logout</param-value>
> - </init-param>
> - </filter>
> -
> - <filter>
> - <filter-name>SessionCacheFilter</filter-name>
> -
> <filter-class>org.apache.cxf.fediz.service.idp.SessionCacheFilter</filter-class>
> - <init-param>
> - <param-name>pre-state</param-name>
> - <param-value>AUTHENTICATED</param-value>
> - </init-param>
> - <init-param>
> - <param-name>next-state</param-name>
> - <param-value>AUTHENTICATED</param-value>
> - </init-param>
> - <init-param>
> - <param-name>item1</param-name>
> - <param-value>IDP_PRINCIPAL</param-value>
> - </init-param>
> - <init-param>
> - <param-name>item2</param-name>
> - <param-value>IDP_TOKEN</param-value>
> - </init-param>
> - </filter>
> -
> -
> -
> - <filter-mapping>
> - <filter-name>FederationFilter</filter-name>
> - <url-pattern>/*</url-pattern>
> - </filter-mapping>
> -
> - <filter-mapping>
> - <filter-name>AuthenticationFilter</filter-name>
> - <url-pattern>/*</url-pattern>
> - </filter-mapping>
> -
> - <filter-mapping>
> - <filter-name>BasicAuthenticationFilter</filter-name>
> - <url-pattern>/*</url-pattern>
> - </filter-mapping>
> -
> - <!-- FORM based authentication -->
> - <!--
> - <filter-mapping>
> - <filter-name>FormAuthenticationFilter</filter-name>
> - <url-pattern>/*</url-pattern>
> - </filter-mapping>
> - -->
> -
> - <filter-mapping>
> - <filter-name>STSClientFilterRequestor</filter-name>
> - <url-pattern>/*</url-pattern>
> - </filter-mapping>
> -
> - <filter-mapping>
> - <filter-name>STSClientFilterRequestor</filter-name>
> -
> - <url-pattern>/*</url-pattern>
> - </filter-mapping>
> -
> - <filter-mapping>
> - <filter-name>STSClientFilterRP</filter-name>
> - <url-pattern>/*</url-pattern>
> - </filter-mapping>
> -
> - <filter-mapping>
> - <filter-name>FederationPostFilter</filter-name>
> - <url-pattern>/*</url-pattern>
> - </filter-mapping>
> -
> - <filter-mapping>
> - <filter-name>LogoutFilter</filter-name>
> - <url-pattern>/*</url-pattern>
> - </filter-mapping>
> -
> - <filter-mapping>
> - <filter-name>SessionCacheFilter</filter-name>
> - <url-pattern>/*</url-pattern>
> - </filter-mapping>
> -
> -
> - <context-param>
> - <param-name>contextConfigLocation</param-name>
> - <param-value>WEB-INF/applicationContext.xml</param-value>
> - </context-param>
> - <listener>
> -
> <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
> - </listener>
> -
> -
> -</web-app>
> +<web-app xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="
> http://www.w3.org/2001/XMLSchema-instance"
> + xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
> + http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
> + version="3.0" metadata-complete="true">
> +
> + <description>Fediz IDP</description>
> + <display-name>Fediz IDP</display-name>
> +
> + <context-param>
> + <param-name>contextConfigLocation</param-name>
> + <param-value>/WEB-INF/applicationContext.xml</param-value>
> + </context-param>
> +
> + <servlet>
> + <servlet-name>idp</servlet-name>
> + <servlet-class>
> + org.springframework.web.servlet.DispatcherServlet
> + </servlet-class>
> + <init-param>
> + <param-name>publishContext</param-name>
> + <param-value>false</param-value>
> + </init-param>
> + <load-on-startup>1</load-on-startup>
> + </servlet>
> +
> + <servlet-mapping>
> + <servlet-name>idp</servlet-name>
> + <url-pattern>/federation</url-pattern>
> + </servlet-mapping>
> +
> + <listener>
> +
> <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
> + </listener>
> +
> +
> +</web-app>
>
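
Review bot: Nothing in the new descriptor forces TLS or hardens the session cookie, although the idp servlet mapped to /federation accepts credentials and the flow keeps IDP_TOKEN in the HTTP session. Consider a security-constraint on /federation with transport-guarantee CONFIDENTIAL, and a session-config whose cookie-config sets http-only and secure, both of which the declared version="3.0" schema supports. A short comment in the file noting that the former filter chain now lives in the webflow definition would help readers of the diff.
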
> Modified: cxf/fediz/trunk/services/sts/pom.xml
> URL:
> http://svn.apache.org/viewvc/cxf/fediz/trunk/services/sts/pom.xml?rev=1462277&r1=1462276&r2=1462277&view=diff
>
> ==============================================================================
> --- cxf/fediz/trunk/services/sts/pom.xml (original)
> +++ cxf/fediz/trunk/services/sts/pom.xml Thu Mar 28 19:53:35 2013
> @@ -68,8 +68,29 @@
> </exclusion>
> </exclusions>
> -->
> + </dependency>
> + <dependency>
> + <groupId>org.slf4j</groupId>
> + <artifactId>slf4j-api</artifactId>
> + <version>${slf4j.version}</version>
> + <scope>compile</scope>
> </dependency>
> - </dependencies>
> + <dependency>
> + <groupId>org.slf4j</groupId>
> + <artifactId>slf4j-jdk14</artifactId>
> + <version>${slf4j.version}</version>
> + <scope>runtime</scope>
> + </dependency>
> +<!--
> + <dependency>
> + <groupId>org.slf4j</groupId>
> + <artifactId>slf4j-api</artifactId>
> + <version>${slf4j.version}</version>
> + <scope>provided</scope>
> + </dependency>
> +-->
> + </dependencies>
> +
> <build>
> <plugins>
> <!--
>
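
Review bot: slf4j-api is added twice in this hunk, once live with scope compile and once inside a new commented-out block with scope provided. Commit only the variant that is meant to ship and delete the commented copy, or add a one-line comment saying under which deployment the provided form applies.
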
> Modified: cxf/fediz/trunk/services/sts/src/main/resources/log4j.properties
> URL:
> http://svn.apache.org/viewvc/cxf/fediz/trunk/services/sts/src/main/resources/log4j.properties?rev=1462277&r1=1462276&r2=1462277&view=diff
>
> ==============================================================================
> --- cxf/fediz/trunk/services/sts/src/main/resources/log4j.properties
> (original)
> +++ cxf/fediz/trunk/services/sts/src/main/resources/log4j.properties Thu
> Mar 28 19:53:35 2013
> @@ -1,6 +1,6 @@
> # Set root category priority to INFO and its only appender to CONSOLE.
> -log4j.rootCategory=FATAL, CONSOLE
> -#log4j.rootCategory=DEBUG, CONSOLE
> +#log4j.rootCategory=FATAL, CONSOLE
> +log4j.rootCategory=DEBUG, CONSOLE
>
> # CONSOLE is set to be a ConsoleAppender using a PatternLayout.
> log4j.appender.CONSOLE=org.apache.log4j.ConsoleAppender
>
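
Review bot: log4j.rootCategory=DEBUG, CONSOLE should not become the committed default for the STS; it looks like a local debugging setting, and on a token service DEBUG output risks putting request details into the console log. Keep a quieter level in trunk and enable DEBUG locally. The first comment line still says the root category is set to INFO, which matches neither the old nor the new value.
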
> Modified:
> cxf/fediz/trunk/services/sts/src/main/resources/logging.properties
> URL:
> http://svn.apache.org/viewvc/cxf/fediz/trunk/services/sts/src/main/resources/logging.properties?rev=1462277&r1=1462276&r2=1462277&view=diff
>
> ==============================================================================
> --- cxf/fediz/trunk/services/sts/src/main/resources/logging.properties
> (original)
> +++ cxf/fediz/trunk/services/sts/src/main/resources/logging.properties Thu
> Mar 28 19:53:35 2013
> @@ -38,10 +38,10 @@ java.util.logging.FileHandler.count = 1
> java.util.logging.FileHandler.formatter = java.util.logging.XMLFormatter
>
> # Limit the message that are printed on the console to WARNING and above.
> -java.util.logging.ConsoleHandler.level = INFO
> +java.util.logging.ConsoleHandler.level = FINEST
> +java.util.logging.SimpleFormatter.format="STS %1$tc %2$s%n%4$s:
> %5$s%6$s%n"
> java.util.logging.ConsoleHandler.formatter =
> java.util.logging.SimpleFormatter
>
> -
> ############################################################
> # Facility specific properties.
> # Provides extra control for each logger.
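
Review bot: java.util.logging.ConsoleHandler.level = FINEST now sits directly under the comment "Limit the message that are printed on the console to WARNING and above", so the comment and the setting contradict each other; keep the committed level at INFO or higher, or update the comment if FINEST is intended. The new java.util.logging.SimpleFormatter.format value is also wrapped in double quotes, and a properties file keeps those quotes as part of the value, so they will be printed with every log record.
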
> @@ -50,3 +50,4 @@ java.util.logging.ConsoleHandler.formatt
> # For example, set the com.xyz.foo logger to only log SEVERE
> # messages:
> #com.xyz.foo.level = SEVERE
> +org.apache.cxf.fediz.service.sts.level = FINE
>
> Modified:
> cxf/fediz/trunk/services/sts/src/main/webapp/WEB-INF/cxf-transport.xml
> URL:
> http://svn.apache.org/viewvc/cxf/fediz/trunk/services/sts/src/main/webapp/WEB-INF/cxf-transport.xml?rev=1462277&r1=1462276&r2=1462277&view=diff
>
> ==============================================================================
> --- cxf/fediz/trunk/services/sts/src/main/webapp/WEB-INF/cxf-transport.xml
> (original)
> +++ cxf/fediz/trunk/services/sts/src/main/webapp/WEB-INF/cxf-transport.xml
> Thu Mar 28 19:53:35 2013
> @@ -121,7 +121,7 @@
> <property name="issuer" value="DoubleItSTSIssuer" />
> <property name="encryptionUsername" value="myservicekey" />
> </bean>
> -
> +
> <jaxws:endpoint id="transportSTS1"
> implementor="#transportSTSProviderBean"
> address="/STSService"
> wsdlLocation="/WEB-INF/wsdl/ws-trust-1.4-service.wsdl"
> xmlns:ns1="
> http://docs.oasis-open.org/ws-sx/ws-trust/200512/"
>
>
>
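
Review bot: Whitespace-only noise: the removed and added lines before <jaxws:endpoint id="transportSTS1" differ only in blank-line whitespace, so cxf-transport.xml should be left out of this commit to keep the merge diff limited to real changes.
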
--
Colm O hEigeartaigh
Talend Community Coder
http://coders.talend.com