...

The Fediz STS is based on a customized CXF STS configured to support standard Federation use cases demonstrated by the examples. The Fediz STS has been enhanced to support two realms *Realm-A* and *Realm-B* with the following set of users:

User      Password
Realm A
alice     ecila
bob       bob
ted       det
Realm B
ALICE     ECILA
BOB       BOB
TED       DET

The Fediz IDP doesn't support several realms within one WAR, so a separate Fediz IDP WAR has to be built for Realm A (the default, shipped with the Fediz distribution) and for Realm B. See below for how to build a Fediz IDP WAR for a specific realm.

...

<Server port="9005" shutdown="SHUTDOWN">
...

   <!-- http configuration -->
   <Connector port="9080" protocol="HTTP/1.1"
        connectionTimeout="20000"
        redirectPort="9443" />

   ...

   <!-- https configuration -->
   <Connector port="9443" protocol="HTTP/1.1" SSLEnabled="true"
        maxThreads="150" scheme="https" secure="true"
        clientAuth="want" sslProtocol="TLS"
        keystoreFile="idp-ssl-serverkey.jks" keystorePass="tompass"
        truststoreFile="idp-ssl-trust.jks" truststorePass="ispass" />
   ...

   <Connector port="9009" protocol="AJP/1.3" redirectPort="9443" />

...
</Server>
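An added check, not part of the Fediz documentation: a small Python script that parses a Tomcat server.xml shaped like the snippet above and reports HTTPS connectors that request client certificates (clientAuth="want" or "true") without an IDP-specific truststore, HTTPS connectors without a keystore, and HTTP/AJP connectors whose redirectPort does not point at an SSLEnabled connector. The embedded server.xml is constructed for the example; its HTTPS connector deliberately omits the truststore so the check has something to report.

```python
import xml.etree.ElementTree as ET

# Constructed sample modelled on the Fediz IDP server.xml snippet above. The
# HTTPS connector intentionally lacks truststoreFile/truststorePass.
SAMPLE_SERVER_XML = """<Server port="9005" shutdown="SHUTDOWN">
  <Service name="Catalina">
    <Connector port="9080" protocol="HTTP/1.1"
        connectionTimeout="20000" redirectPort="9443" />
    <Connector port="9443" protocol="HTTP/1.1" SSLEnabled="true"
        maxThreads="150" scheme="https" secure="true"
        clientAuth="want" sslProtocol="TLS"
        keystoreFile="idp-ssl-serverkey.jks" keystorePass="tompass" />
    <Connector port="9009" protocol="AJP/1.3" redirectPort="9443" />
  </Service>
</Server>"""


def lint_connectors(server_xml: str) -> list:
    """Return a list of findings (strings) for the <Connector> elements in server.xml."""
    root = ET.fromstring(server_xml)
    connectors = list(root.iter("Connector"))
    # Ports served by connectors that actually terminate TLS.
    tls_ports = {c.get("port") for c in connectors
                 if c.get("SSLEnabled", "false").lower() == "true"}
    findings = []
    for c in connectors:
        port = c.get("port", "?")
        if port in tls_ports:
            if not c.get("keystoreFile"):
                findings.append(f"port {port}: SSLEnabled but no keystoreFile")
            # clientAuth=want/true asks the browser for a certificate. Without a
            # truststoreFile, Tomcat validates it against the JVM default trust
            # store rather than the IDP's own idp-ssl-trust.jks.
            if c.get("clientAuth", "false").lower() in ("want", "true") \
                    and not c.get("truststoreFile"):
                findings.append(
                    f"port {port}: clientAuth={c.get('clientAuth')} but no truststoreFile")
        else:
            # Plain HTTP/AJP connectors must redirect to a real TLS connector.
            redirect = c.get("redirectPort")
            if redirect and redirect not in tls_ports:
                findings.append(
                    f"port {port}: redirectPort {redirect} is not an SSLEnabled connector")
    return findings


if __name__ == "__main__":
    for line in lint_connectors(SAMPLE_SERVER_XML) or ["no findings"]:
        print(line)
```

Point it at a real <catalina.home>/conf/server.xml by reading the file and passing its contents to lint_connectors.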

...

Once you deploy the IDP WAR files to your Tomcat installation (<catalina.home>/webapps), you should be able to see the Fediz STS from a browser. Assuming port 9080 as listed above, the STS WSDL is available at:

Configuration

You can manage the users, their claims and the claims per application in the IDP.

...

The users and passwords are configured in a Spring configuration file, webapps/fediz-idp-sts/WEB-INF/data/passwords.xml. The following users are already configured for Realm A and can easily be extended.

...

The claims of each user are configured in a Spring configuration file, webapps/fediz-idp-sts/WEB-INF/data/userClaims.xml. The following claims are already configured:

...