THIS IS A TEST INSTANCE. ALL YOUR CHANGES WILL BE LOST!!!!
...
Apache CXF Fediz is a subproject of CXF. Fediz helps you to secure your web applications and delegates security enforcement to the underlying application server. With Fediz, authentication is externalized from your web application to an identity provider installed as a dedicated server component. Apache CXF Fediz supports both WS-Federation Passive Requestor Profile and the SAML Web Browser SSO Profile. Fediz supports Claims Based Access Control beyond Role Based Access Control (RBAC).
News
November 30December 23, 2017 2022 - Apache CXF Fediz 1.46.3 and 1 .3.3 released
Apache CXF Fediz 1.46.3 and 1 is released. 3.3 have been released. A new security advisory has been released for an issue that was fixed in these releases:
- CVE-2017-12631: CSRF vulnerabilities in the Apache CXF Fediz Spring plugins.
For more information and to download the new release, please go here.
This is a bugfix release containing upgrades to CXF 3.5.5, amongst other dependency upgrades. See the download page for more information.
February 12, 2022 September 15, 2017 - Apache CXF Fediz 1.46.2 0 released
Apache CXF Fediz 1.4.2 has been released.
For more information and to download the new release, please go here.
6.0 is released. This is a new major release containing upgrades to CXF 3.5.x and Spring 5, amongst others. See the download page for more information.
November 30, 2020 August 18, 2017 - Apache CXF Fediz 1.45.1 released
Apache CXF Fediz 1.45.1 has been is released.
For more information and to download the new release, please go here.
May 16, 2017 - Two new security advisories for Apache CXF Fediz are released
Two new security advisories have been released for issues that are fixed in the latest releases (1.4.0, 1.3.2 and 1.2.4):
...
See the download page for more information.
June 23, 2020 - Apache CXF Fediz 1.5.0 released
Apache CXF Fediz 1.5.0 is released. This is a major new release with the following issues fixed: https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12313420&version=12336848
The main changes are:
- The IdP is updated to use Spring Security 4.
- Support is added for Jetty 9.4 + Tomcat 9 plugins
- A fix for issues that prevented the Tomcat plugin working from versions 8.5.50 and 9.0.30
- The Tomcat 7, Jetty 8, Spring Security 2 + 3 plugins are removed.
See the download page for more information.
...
Download
See here.
Project Source
...
- Web Browsing: https://github.com/apache/cxf-fediz
- Checking out from GIT: git clone git@github.com:apache/cxf-fediz.git
CXF committers can directly commit to github after doing the Apache gitbox setup. Be aware that the sync might take half an hour before you are added to the CXF github group.
...
Apache CXF Fediz user guide
- Introduction
- Fediz Architecture
- Relying Party Containers
- Fediz IdP
- Fediz Metadata
- Fediz IdP
- Fediz IdP 1.0 (deprecated)
- Fediz Metadata
- Fediz Samples
- Fediz Articles
- Fediz HistoryFediz Samples