Apache CXF Fediz: An Open-Source Web Security Framework

Overview

Apache CXF Fediz is a subproject of CXF. Fediz helps you to secure your web applications and delegates security enforcement to the underlying application server. Authentication is externalized from your web application to an identity provider which is a dedicated server component. The supported standard is WS-Federation 1.2 Passive Requestor Profile. Fediz supports Claims based Access control beyond Role Based Access Control (RBAC).

...

• WS-Federation 1.1/1.2
• SAML 1.1/2.0 Tokens
• Custom token support
• Publish WS-Federation Metadata document
• Role information encoded as AttributeStatement in SAML 1.1/2.0 tokens
• Claims information provided by FederationPrincipal interface

The following features are planned for the next release:

...