Versions Compared

Old Version 82

changes.mady.by.user Colm O hEigeartaigh

Saved on

compared with

New Version Current

changes.mady.by.user Colm O hEigeartaigh

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Apache CXF Fediz is a subproject of CXF. Fediz helps you to secure your web applications and delegates security enforcement to the underlying application server. With Fediz, authentication is externalized from your web application to an identity provider installed as a dedicated server component. Apache CXF Fediz supports both WS-Federation Passive Requestor Profile and the SAML Web Browser SSO Profile. Fediz supports Claims Based Access Control beyond Role Based Access Control (RBAC).

News

June 29December 23, 2018 2022 - Apache CXF Fediz 1.46.41 released

Apache CXF Fediz 1.4.4 has been released. A new security advisory has been released for an issue that was fixed in this release:

...

6.1 is released. This is a bugfix release containing upgrades to CXF 3.5.5, amongst other dependency upgrades. See the download page for more information.

February 12, 2022 - Apache CXF Fediz 1.6.0 released

Apache CXF Fediz 1.6.0 is released. This is a new major release containing upgrades to CXF 3.5.x and Spring 5, amongst others. See the download page for more information.

November 30, 2017 2020 - Apache CXF Fediz 1.4.3 and 5.1 released

Apache CXF Fediz 1.35.1 is released. See the download page for more information.

June 23, 2020 - 3 released Apache CXF Fediz 1.4.3 and 5.0 released

Apache CXF Fediz 1.3.3 have been 5.0 is released. A new security advisory has been released for an issue that was fixed in these releases:

  • CVE-2017-12631: CSRF vulnerabilities in the Apache CXF Fediz Spring plugins.

 This is a major new release with the following issues fixed: https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12313420&version=12336848

The main changes are:

  • The IdP is updated to use Spring Security 4.
  • Support is added for Jetty 9.4 + Tomcat 9 plugins
  • A fix for issues that prevented the Tomcat plugin working from versions 8.5.50 and 9.0.30
  • The Tomcat 7, Jetty 8, Spring Security 2 + 3 plugins are removed.

See the download page for more information.

Download

See here.

Project Source

...

...