...
Apache CXF Fediz is a subproject of CXF. Fediz helps you to secure your web applications and delegates security enforcement to the underlying application server. With Fediz, authentication is externalized from your web application to an identity provider installed as a dedicated server component. Apache CXF Fediz supports both WS-Federation Passive Requestor Profile and the SAML Web Browser SSO Profile. Fediz supports Claims Based Access Control beyond Role Based Access Control (RBAC).
News
October 8December 23, 2018 2022 - Apache CXF Fediz 1.6.1 released
Apache CXF Fediz 1.6.1 is released. This is a bugfix release containing upgrades to CXF 3.5.5, amongst other dependency upgrades. See the download page for more information.
February 12, 2022 - Apache CXF Fediz 1.6.0 4.5 released
Apache CXF Fediz 1.46.5 0 is released. This is a new major release containing upgrades to CXF 3.5.x and Spring 5, amongst others. See the download page for more information.
November 30, 2020 - Apache CXF Fediz 1.5.1 released
Apache CXF Fediz 1.5.1 is released. New features include supporting custom claims handling (transformation) in the plugins and SAML SSO support in the Jetty and Spring security plugins. See the download page for more information.
June 2923, 2018 2020 - Apache CXF Fediz 1.45.40 released
Apache CXF Fediz 1.4.4 has been 5.0 is released. A new security advisory has been released for an issue that was fixed in this release:
...
This is a major new release with the following issues fixed: https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12313420&version=12336848
The main changes are:
- The IdP is updated to use Spring Security 4.
- Support is added for Jetty 9.4 + Tomcat 9 plugins
- A fix for issues that prevented the Tomcat plugin working from versions 8.5.50 and 9.0.30
- The Tomcat 7, Jetty 8, Spring Security 2 + 3 plugins are removed.
See the download page for more information.
Download
See here.
Project Source
...