Mirror of Apache CXF

Clone this repo:
  1. 820093a Merge pull request #175 from apache/dependabot/github_actions/github/codeql-action-2.3.5 by Colm O hEigeartaigh · 4 days ago main
  2. 646057e Bump github/codeql-action from 2.3.3 to 2.3.5 by dependabot[bot] · 4 days ago
  3. 0e37539 Merge pull request #174 from apache/dependabot/maven/com.fasterxml.jackson-jackson-bom-2.15.1 by Colm O hEigeartaigh · 10 days ago
  4. 5c82323 Bump jackson-bom from 2.15.0 to 2.15.1 by dependabot[bot] · 10 days ago
  5. 5a38031 Merge pull request #173 from apache/coheigea/cxf by Colm O hEigeartaigh · 3 weeks ago

Build Status Maven Central OpenSSF Scorecard

Welcome to Apache CXF Fediz!

Fediz helps you secure your web applications by delegating security enforcement to the underlying application server. With Fediz, authentication is externalized from your web application to an identity provider installed as a dedicated server component. The supported standard is WS-Federation 1.2 Passive Requestor Profile. Fediz supports Claims Based Access Control beyond Role Based Access Control (RBAC).

Fediz includes the following feature set:

WS-Federation 1.1/1.2
SAML 1.1/2.0 Tokens
Custom token support
Publish WS-Federation Metadata document
Role information encoded as AttributeStatement in SAML 1.1/2.0 tokens
Claims information provided by FederationPrincipal interface
OpenId Connect (OIDC)

Export Notice

This distribution includes cryptographic software. The country in which you currently reside may have restrictions on the import, possession, use, and/or re-export to another country, of encryption software. BEFORE using any encryption software, please check your country's laws, regulations and policies concerning the import, possession, or use, and re-export of encryption software, to see if this is permitted. See http://www.wassenaar.org/ for more information.

The U.S. Government Department of Commerce, Bureau of Industry and Security (BIS), has classified this software as Export Commodity Control Number (ECCN) 5D002.C.1, which includes information security software using or performing cryptographic functions with asymmetric algorithms. The form and manner of this Apache Software Foundation distribution makes it eligible for export under the License Exception ENC Technology Software Unrestricted (TSU) exception (see the BIS Export Administration Regulations, Section 740.13) for both object code and source code.

The following provides more details on the included cryptographic software: http://santuario.apache.org/ http://www.bouncycastle.org/ http://ws.apache.org/wss4j/

Getting Started

For an Apache CXF Fediz source distribution, please read BUILDING.txt in this folder for instructions on building Apache CXF Fediz.

For an Apache CXF Fediz binary distribution, please read release_notes.txt for installation instructions and list of supported and unsupported features.

Check the Fediz website for the latest news: http://cxf.apache.org/fediz.html

If you need more help try talking to us on our mailing lists: http://cxf.apache.org/mailing-lists.html

If you find any issues with Fediz, please submit reports with JIRA here: https://issues.apache.org/jira/browse/FEDIZ

We welcome contributions, and encourage you to get involved in the CXF community. If you'd like to learn more about how you can contribute, please see: http://cxf.apache.org/getting-involved.html

Thank you for using CXF Fediz!

The Apache CXF Team http://cxf.apache.org/