Skip to content
Permalink
Browse files
added readme, building, release notes and removed fediz-tomcat depend…
…encies in examples

git-svn-id: https://svn.apache.org/repos/asf/cxf/fediz/trunk@1347084 13f79535-47bb-0310-9956-ffa450edef68
  • Loading branch information
owulff committed Jun 6, 2012
1 parent c82b0cf commit c120909e2027fdc3b450fd56cb67b18d08689fc6
Show file tree
Hide file tree
Showing 7 changed files with 203 additions and 12 deletions.
@@ -0,0 +1,53 @@
Building Apache CXF Fediz
=========================

Initial Setup
-------------

1) Install J2SE 6.0 SDK, which can be downloaded from
http://www.oracle.com/technetwork/java/javasebusiness/downloads/java-archive-downloads-javase6-419409.html

2) Make sure that your JAVA_HOME environment variable is set to the newly installed
JDK location, and that your PATH includes %JAVA_HOME%\bin (windows) or
$JAVA_HOME$/bin (unix).

3) Install Maven 2.2.1 or newer, which can be downloaded from
http://maven.apache.org/download.html. Make sure that your PATH includes
the MVN_HOME/bin directory.


Building
--------

1) Change to the top level directory of Apache CXF Fediz source distribution.
2) Run
$> mvn.
This will compile Apache CXF Fediz and run all of the tests in the Apache CXF Fediz source
distribution. Alternatively, you can run
$> mvn -Pfastinstall.
This will compile Apache CXF Fediz without running the tests and takes less
time to build.
Depending on the load of remote Maven repositories, you may have
to run "mvn" several times utill the required dependencies are
all located in your local maven repository. It usually takes some time for
maven to download required dependencies in the first build.


Source Directory structure
--------------------------

+ plugins contains the sources of the federation plugin
+ core the core module contains the majority of functionality which is Servlet container agnostic
+ tomcat the tomcat module is the bridge of the core to the tomcat specific security engine

+ services contains the sources of the Identity Provider
+ sts the sts module contains the configured CXF STS which supports the usecases for Federation
+ idp the idp module is the bridge of the STS to a WS-Trust/SOAP unaware browser

+ examples
+ simpleWebapp this example shows how to protect a simple web application using the fediz plugin
+ wsclientWebapp this example shows how a protected web application calls a web service protected by the STS
+ webapp contains the web application
+ webservice contains the web services implementation


@@ -0,0 +1,76 @@
Welcome to Apache CXF Fediz!
============================
Fediz helps you to secure your web applications and delegates security enforcement
to the underlying application server. With Fediz, authentication is externalized
from your web application to an identity provider installed as a dedicated server component.
The supported standard is WS-Federation 1.2 Passive Requestor Profile.
Fediz supports Claims Based Access Control beyond Role Based Access Control (RBAC).

Fediz includes the following feature set:

WS-Federation 1.1/1.2
SAML 1.1/2.0 Tokens
Custom token support
Publish WS-Federation Metadata document
Role information encoded as AttributeStatement in SAML 1.1/2.0 tokens
Claims information provided by FederationPrincipal interface


Export Notice
============================
This distribution includes cryptographic software. The country in
which you currently reside may have restrictions on the import,
possession, use, and/or re-export to another country, of
encryption software. BEFORE using any encryption software, please
check your country's laws, regulations and policies concerning the
import, possession, or use, and re-export of encryption software, to
see if this is permitted. See <http://www.wassenaar.org/> for more
information.

The U.S. Government Department of Commerce, Bureau of Industry and
Security (BIS), has classified this software as Export Commodity
Control Number (ECCN) 5D002.C.1, which includes information security
software using or performing cryptographic functions with asymmetric
algorithms. The form and manner of this Apache Software Foundation
distribution makes it eligible for export under the License Exception
ENC Technology Software Unrestricted (TSU) exception (see the BIS
Export Administration Regulations, Section 740.13) for both object
code and source code.

The following provides more details on the included cryptographic
software:
http://xml.apache.org/security/
http://www.bouncycastle.org/
http://ws.apache.org/wss4j/



Getting Started
===============

For an Apache CXF Fediz source distribution, please read BUILDING.txt for
instructions on building Apache CXF Fediz.

For an Apache CXF Fediz binary distribution, please read release_notes.txt
for installation instructions and list of supported and unsupported
features.

Alternatively, you can also find out how to get started here:
http://cxf.apache.org/fediz.html

If you need more help try talking to us on our mailing lists:
http://cxf.apache.org/mailing-lists.html

If you find any issues with Fediz, please submit reports with JIRA here:
https://issues.apache.org/jira/browse/FEDIZ

We welcome contributions, and encourage you to get involved in the CXF
community. If you'd like to learn more about how you can contribute, please
see:
http://cxf.apache.org/getting-involved.html

Thank you for using CXF Fediz!

The Apache CXF Team
http://cxf.apache.org/

@@ -46,6 +46,13 @@ Prerequisite
------------
Please review the README in the samples main directory before continuing.

Copy the Fediz Configuration file into the directory 'conf' of the Tomcat installation. The configuration file
is located in src/main/config/fediz_config.xml of this example.

This configuration references the java keystore 'conf/stsstore.jks' which contains the certificate to validate
a SAML token issued by the IDP/STS. This keystore is located in webapps/fedizidpsts/WEB-INF/classes/stsstore.jks (deployed)
or in services/sts/src/main/resources/stsstore.jks (source)


Building the demo using Maven
-----------------------------
@@ -51,18 +51,13 @@
<version>2.5</version>
<scope>provided</scope>
</dependency>
<!-- Required to cast Principal to FederationPrincipal -->
<dependency>
<groupId>org.apache.cxf.fediz</groupId>
<artifactId>fediz-core</artifactId>
<version>${project.version}</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.apache.cxf.fediz</groupId>
<artifactId>fediz-tomcat</artifactId>
<version>${project.version}</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.apache.commons</groupId>
<artifactId>commons-lang3</artifactId>
@@ -70,6 +70,13 @@ Prerequisite
Please review the README in the samples main directory before continuing.
It's recommended to run the demo simpleWebapp first as this is an extended demo.

Copy the Fediz Configuration file into the directory 'conf' of the Tomcat installation. The configuration file
is located in src/main/config/fediz_config.xml of this example.

This configuration references the java keystore 'conf/stsstore.jks' which contains the certificate to validate
a SAML token issued by the IDP/STS. This keystore is located in webapps/fedizidpsts/WEB-INF/classes/stsstore.jks (deployed)
or in services/sts/src/main/resources/stsstore.jks (source)


Building the demo using Maven
-----------------------------
@@ -52,18 +52,13 @@
<version>${tomcat.version}</version>
<scope>provided</scope>
</dependency>
<!-- Required to cast Principal to FederationPrincipal -->
<dependency>
<groupId>org.apache.cxf.fediz</groupId>
<artifactId>fediz-core</artifactId>
<version>${project.version}</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.apache.cxf.fediz</groupId>
<artifactId>fediz-tomcat</artifactId>
<version>${project.version}</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.apache.commons</groupId>
<artifactId>commons-lang3</artifactId>
@@ -0,0 +1,58 @@
Apache CXF Fediz 1.0.0 Release Notes

1. Overview

The 1.0.x versions of Apache CXF Fediz is the first version of Fediz that
provides the following features:

* WS-Federation 1.0/1.1/1.2
* SAML 1.1/2.0 Tokens
* Custom token support
* Publish WS-Federation Metadata document
* Role information encoded as AttributeStatement in SAML 1.1/2.0 tokens
* Claims information provided by FederationPrincipal interface


2. Installation Prerequisites

Before installing Apache CXF Fediz, make sure the following products,
with the specified versions, are installed on your system:

* Java 6 Development Kit
* Apache Maven 2.2.1 or 3.x to build the samples


3. Building the Samples

Building the samples included in the binary distribution is easy. Change to
the examples directory and follow the build instructions in the README.txt file
included with each sample.


4. Reporting Problems

If you have any problems or want to send feedback of any kind, please e-mail the
CXF dev list, dev@cxf.apache.org. You can also file issues in JIRA at:

http://issues.apache.org/jira/browse/FEDIZ


5. Migration notes:

N.A.


6. Specific issues, features, and improvements fixed in this version

** Bug

** Improvement

** New Feature

** Task

** Test



0 comments on commit c120909

Please sign in to comment.