November 11, 2013

Apache CXF FEDIZ 1.1.0 released

The CXF community has released the new Version of Apache CXF Fediz. Fediz helps you to secure your web applications and delegate security context to the underlying application which can be used for impersonation when calling other Web Services. With Fediz, authentication is externalized from your web application to an identity provider installed as a dedicated server component. The supported standard is WS-Federation Passive Requestor Profile.

The following features has been added:

  • Fediz IDP supports Resource and Requestor IDP role, Home Realm Discovery Service, ...
  • SAML Holder-Of-Key supported
  • Encrypted SAML Tokens supported
  • Support for Jetty, Websphere and Spring Security 2.0/3.1
  • Publish WS-Federation Metadata document for RP and IDP

The major contribution is the refactoring of the IDP to leverage the functionality and flexibility provided by Spring Web Flow and Spring Security. I wrote about this new feature here. More details to come like customizing the signin flow, etc.

Release notes are available here.

For more information see:


Features to come in the next release:
  • Integration with CXF JAX-RS
  • SAML-P support
Feel free to raise enhancement requests and issues in the JIRA project

Thank you for all support and feedback!