THIS IS A TEST INSTANCE. ALL YOUR CHANGES WILL BE LOST!!!!
...
Prior to doing this configuration, make sure you've first deployed the Fediz IDP and STS on the Tomcat IDP instance as discussed here, and can view the STS WSDL at the URL given on that page.
...
The following configuration snippets illustrate the Fediz related configuration. The complete configuration file can be found in the example spring2Webapp.
| Code Block | ||||||||
|---|---|---|---|---|---|---|---|---|
| ||||||||
<sec:http entry-point-ref="federationEntryPoint">
<sec:intercept-url pattern="/secure/fedservlet" access="IS_AUTHENTICATED_FULLY"/>
<sec:intercept-url pattern="/secure/manager/**" access="ROLE_MANAGER"/>
<sec:intercept-url pattern="/secure/admin/**" access="ROLE_ADMIN"/>
<sec:intercept-url pattern="/secure/user/**" access="ROLE_USER,ROLE_ADMIN,ROLE_MANAGER"/>
</sec:http>
<sec:authentication-manager alias="authManager"/>
<bean id="fedizConfig" class="org.apache.cxf.fediz.spring.FederationConfigImpl" init-method="init"
p:configFile="WEB-INF/fediz_config.xml" p:contextName="/fedizhelloworld" />
<bean id="federationEntryPoint"
class="org.apache.cxf.fediz.spring.web.FederationAuthenticationEntryPoint"
p:federationConfig-ref="fedizConfig" />
<bean id="federationFilter"
class="org.apache.cxf.fediz.spring.web.FederationAuthenticationFilter"
p:authenticationManager-ref="authManager" p:defaultTargetUrl="/whatever">
<sec:custom-filter after="BASIC_PROCESSING_FILTER"/>
</bean>
<bean id="federationAuthProvider" class="org.apache.cxf.fediz.spring.authentication.FederationAuthenticationProvider"
p:federationConfig-ref="fedizConfig">
<sec:custom-authentication-provider />
<property name="authenticationUserDetailsService">
<bean class="org.apache.cxf.fediz.spring.authentication.GrantedAuthoritiesUserDetailsFederationService"/>
</property>
</bean>
|
...