cxf-fediz.git
2 days agoMinor fix master
Colm O hEigeartaigh [Fri, 19 Jan 2018 11:59:32 +0000 (11:59 +0000)] 
Minor fix

2 weeks agoUpdating NOTICE year
Colm O hEigeartaigh [Thu, 4 Jan 2018 13:14:09 +0000 (13:14 +0000)] 
Updating NOTICE year

5 weeks agoJackson upgrade
Colm O hEigeartaigh [Tue, 12 Dec 2017 10:37:18 +0000 (10:37 +0000)] 
Jackson upgrade

7 weeks agoKerby upgrade
Colm O hEigeartaigh [Mon, 27 Nov 2017 12:48:19 +0000 (12:48 +0000)] 
Kerby upgrade

8 weeks agoAdding 1.4.3 release notes
Colm O hEigeartaigh [Thu, 23 Nov 2017 13:06:33 +0000 (13:06 +0000)] 
Adding 1.4.3 release notes

2 months agoIDP maxParameter size is set only if positive
gonzalad [Fri, 17 Nov 2017 00:27:38 +0000 (01:27 +0100)] 
IDP maxParameter size is set only if positive

maxParameter size should be set only if positive,
otherwise, we'll use default value.

2 months agofix ut Spring Plugin relativePath
gonzalad [Tue, 14 Nov 2017 21:59:08 +0000 (22:59 +0100)] 
fix ut Spring Plugin relativePath

Fix unit tests for Spring Plugin relativePath.

2 months agoFEDIZ-212: fix logout when no httpSession present
gonzalad [Tue, 14 Nov 2017 17:49:33 +0000 (18:49 +0100)] 
FEDIZ-212: fix logout when no httpSession present

* FEDIZ-212: fix logout when no httpSession present

Add allowAnonymousLogout attribute.

When this attribute is explicitly set to true, if a non-logged-in user
tries to logout, logout process continues without raising a OAuthServiceException.

Otherwise, it works as before : OIDC throws a OAuthServiceException if a non
logged-in user tries to logout.

2 months agoDBLoaderSpring propagates caller environment
gonzalad [Sun, 12 Nov 2017 22:58:00 +0000 (23:58 +0100)] 
DBLoaderSpring propagates caller environment

DBLoaderSpring now propagates the Spring
environment from the calling context.

2 months agoAdd relativePath to Spring RP Plugin
gonzalad [Tue, 14 Nov 2017 17:40:27 +0000 (18:40 +0100)] 
Add relativePath to Spring RP Plugin

The new relativePath allows to reference files
in fediz_config.xml from a relative location.

2 months agoid_token exp should be computed at creation time
gonzalad [Tue, 14 Nov 2017 17:39:41 +0000 (18:39 +0100)] 
id_token exp should be computed at creation time

id_token expiry claim is now computed at id_token generation time.

It was previously computed from SAML token expiry.
Since SAML token is generated once per OIDC httpSession
and can be reused for generating multiple id_token, it introduced
some issues where the id_token is generated with an already expired claim.

We now compute the exp claim as :

 * use timeToLive attribute of FedizSubjectCreator if it is strictly positive.
 * use maxInactiveInterval from httpSession if it is strictly positive.
 * otherwise use the default of 1 hour.

2 months agoUpdating Tomcat
Colm O hEigeartaigh [Tue, 14 Nov 2017 15:41:17 +0000 (15:41 +0000)] 
Updating Tomcat

2 months agoUpdating CXF
Colm O hEigeartaigh [Tue, 7 Nov 2017 10:34:14 +0000 (10:34 +0000)] 
Updating CXF

2 months agoUpdate HowToGenerateKeysREADME.html
Matthew Broadhead [Sat, 28 Oct 2017 18:20:07 +0000 (20:20 +0200)] 
Update HowToGenerateKeysREADME.html
 - This closes #22

idp-ssl-key.jks is mentioned as idp-ssl-server.jks

2 months agoThis closes #21
Colm O hEigeartaigh [Tue, 31 Oct 2017 11:47:05 +0000 (11:47 +0000)] 
This closes #21

2 months agoUpdate HowToGenerateKeysREADME.html
Matthew Broadhead [Thu, 26 Oct 2017 08:53:04 +0000 (10:53 +0200)] 
Update HowToGenerateKeysREADME.html

examples/samplekeys/ststrust.jks contains alias idpcert but this how to does not mention that it should be added

2 months agoCompiler plugin upgrade
Colm O hEigeartaigh [Thu, 26 Oct 2017 11:34:43 +0000 (12:34 +0100)] 
Compiler plugin upgrade

2 months agoUpdating BUILDING.txt
Colm O hEigeartaigh [Wed, 25 Oct 2017 11:08:34 +0000 (12:08 +0100)] 
Updating BUILDING.txt

2 months agoFixing formatting
Colm O hEigeartaigh [Wed, 25 Oct 2017 10:52:52 +0000 (11:52 +0100)] 
Fixing formatting

3 months agoRevert "Adding for SAML endpoint as well"
Colm O hEigeartaigh [Thu, 19 Oct 2017 15:10:07 +0000 (16:10 +0100)] 
Revert "Adding for SAML endpoint as well"

This reverts commit 4dfdfe133b9eec162fb299f74e76774c3cf72200.

3 months agoAdding for SAML endpoint as well
Colm O hEigeartaigh [Thu, 19 Oct 2017 14:53:47 +0000 (15:53 +0100)] 
Adding for SAML endpoint as well

3 months agoAdding CSRF part for the login form
Colm O hEigeartaigh [Thu, 19 Oct 2017 14:20:59 +0000 (15:20 +0100)] 
Adding CSRF part for the login form

3 months agoUpdating surefire
Colm O hEigeartaigh [Wed, 18 Oct 2017 11:49:10 +0000 (12:49 +0100)] 
Updating surefire

3 months agoAdding ErrorProne plugin
Colm O hEigeartaigh [Mon, 16 Oct 2017 10:57:12 +0000 (11:57 +0100)] 
Adding ErrorProne plugin

3 months agoFEDIZ-213 - Spring plugins don't handle token expiration properly
Colm O hEigeartaigh [Wed, 11 Oct 2017 08:42:51 +0000 (09:42 +0100)] 
FEDIZ-213 - Spring plugins don't handle token expiration properly

3 months agoAdding token expiration tests for the plugins
Colm O hEigeartaigh [Tue, 10 Oct 2017 14:52:48 +0000 (15:52 +0100)] 
Adding token expiration tests for the plugins

3 months agoSome improvements to the Spring plugins
Colm O hEigeartaigh [Fri, 6 Oct 2017 15:16:19 +0000 (16:16 +0100)] 
Some improvements to the Spring plugins

3 months agoFEDIZ-211 - Local IdP redirection (after token expiry) is not working
Colm O hEigeartaigh [Thu, 5 Oct 2017 14:23:14 +0000 (15:23 +0100)] 
FEDIZ-211 - Local IdP redirection (after token expiry) is not working

3 months agoConsolidating some of the Tomcat test config files
Colm O hEigeartaigh [Thu, 5 Oct 2017 13:12:46 +0000 (14:12 +0100)] 
Consolidating some of the Tomcat test config files

3 months agoFixing a few code warnings
Colm O hEigeartaigh [Thu, 5 Oct 2017 12:58:21 +0000 (13:58 +0100)] 
Fixing a few code warnings

3 months agoRemoving old spring2 test config
Colm O hEigeartaigh [Wed, 4 Oct 2017 18:21:10 +0000 (19:21 +0100)] 
Removing old spring2 test config

3 months agoFEDIZ-210 - Limit IdP request parameter size
Colm O hEigeartaigh [Fri, 29 Sep 2017 12:20:48 +0000 (13:20 +0100)] 
FEDIZ-210 - Limit IdP request parameter size

3 months agoUpgrading to CXF 3.2.x
Colm O hEigeartaigh [Wed, 27 Sep 2017 13:28:16 +0000 (14:28 +0100)] 
Upgrading to CXF 3.2.x

3 months agoMove to use Java 8's Base64 implementation
Colm O hEigeartaigh [Tue, 26 Sep 2017 17:01:42 +0000 (18:01 +0100)] 
Move to use Java 8's Base64 implementation

3 months agoUpgrade STS + IdP integration tests to use the jetty9 maven plugin
Colm O hEigeartaigh [Tue, 26 Sep 2017 12:38:12 +0000 (13:38 +0100)] 
Upgrade STS + IdP integration tests to use the jetty9 maven plugin

4 months agoRemoving PermGen stuff
Colm O hEigeartaigh [Tue, 12 Sep 2017 16:43:17 +0000 (17:43 +0100)] 
Removing PermGen stuff

4 months agoFixing scm stuff
Colm O hEigeartaigh [Tue, 12 Sep 2017 13:40:00 +0000 (14:40 +0100)] 
Fixing scm stuff

4 months agoUpdating release notes for 1.4.2
Colm O hEigeartaigh [Tue, 12 Sep 2017 12:10:23 +0000 (13:10 +0100)] 
Updating release notes for 1.4.2

4 months agoFEDIZ-209 - Make FedizResponse properly serializable
Colm O hEigeartaigh [Tue, 12 Sep 2017 12:10:09 +0000 (13:10 +0100)] 
FEDIZ-209 - Make FedizResponse properly serializable

4 months agoUpdating to released CXF version
Colm O hEigeartaigh [Mon, 11 Sep 2017 16:25:09 +0000 (17:25 +0100)] 
Updating to released CXF version

4 months agoAdding an option to strip a path comp off from the dynamically calculated issuer uri
Sergey Beryozkin [Fri, 8 Sep 2017 10:58:40 +0000 (11:58 +0100)] 
Adding an option to strip a path comp off from the dynamically calculated issuer uri

4 months agoWSS4J + Kerby update
Colm O hEigeartaigh [Mon, 4 Sep 2017 17:05:48 +0000 (18:05 +0100)] 
WSS4J + Kerby update

4 months agoUpdating Tomcat8
Colm O hEigeartaigh [Wed, 30 Aug 2017 14:19:13 +0000 (15:19 +0100)] 
Updating Tomcat8

4 months ago[FEDIZ-207] Using the login name for a moment
Sergey Beryozkin [Tue, 29 Aug 2017 14:37:30 +0000 (15:37 +0100)] 
[FEDIZ-207] Using the login name for a moment

4 months agoAdding a name claim hint to the logout token
Sergey Beryozkin [Mon, 28 Aug 2017 10:44:22 +0000 (11:44 +0100)] 
Adding a name claim hint to the logout token

5 months agoTweaking a bit a stack trace related log message
Sergey Beryozkin [Fri, 18 Aug 2017 10:28:57 +0000 (11:28 +0100)] 
Tweaking a bit a stack trace related log message

5 months agoAnd adding some logging to BackChannelLogoutHandler as suggested by Ievgen
Sergey Beryozkin [Fri, 18 Aug 2017 10:19:29 +0000 (11:19 +0100)] 
And adding some logging to BackChannelLogoutHandler as suggested by Ievgen

5 months agoFixing a typo in BackChannelLogoutHandler as spotted by Ievgen Tarasov
Sergey Beryozkin [Fri, 18 Aug 2017 09:47:05 +0000 (10:47 +0100)] 
Fixing a typo in BackChannelLogoutHandler as spotted by Ievgen Tarasov

5 months agoSome dependency updates
Colm O hEigeartaigh [Wed, 16 Aug 2017 10:50:32 +0000 (11:50 +0100)] 
Some dependency updates

5 months agoUpdating release notes
Colm O hEigeartaigh [Mon, 14 Aug 2017 11:12:37 +0000 (12:12 +0100)] 
Updating release notes

5 months agoUpdating a few dependencies
Colm O hEigeartaigh [Fri, 11 Aug 2017 14:44:47 +0000 (15:44 +0100)] 
Updating a few dependencies

5 months agoRemoving accidental commit
Colm O hEigeartaigh [Thu, 10 Aug 2017 16:43:29 +0000 (17:43 +0100)] 
Removing accidental commit

5 months agoUpgrading Spring Webflow
Colm O hEigeartaigh [Wed, 9 Aug 2017 17:02:11 +0000 (18:02 +0100)] 
Upgrading Spring Webflow

5 months agoFix to default to taking the RACS URL from the application configuration.
Colm O hEigeartaigh [Wed, 9 Aug 2017 14:25:45 +0000 (15:25 +0100)] 
Fix to default to taking the RACS URL from the application configuration.

5 months agoFEDIZ-205 - Support creating IdP Metadata for SAML SSO
Colm O hEigeartaigh [Wed, 9 Aug 2017 11:41:34 +0000 (12:41 +0100)] 
FEDIZ-205 - Support creating IdP Metadata for SAML SSO

5 months agoFixing tests
Colm O hEigeartaigh [Wed, 9 Aug 2017 11:39:19 +0000 (12:39 +0100)] 
Fixing tests

5 months agoSwitch the SAML issuer to be the IDP URL as opposed to the realm
Colm O hEigeartaigh [Wed, 9 Aug 2017 10:45:37 +0000 (11:45 +0100)] 
Switch the SAML issuer to be the IDP URL as opposed to the realm

5 months agoReturn the IdP metadata if no realm is specified.
Colm O hEigeartaigh [Wed, 9 Aug 2017 09:26:38 +0000 (10:26 +0100)] 
Return the IdP metadata if no realm is specified.

5 months agoUsed StandardCharsets in a few places
Colm O hEigeartaigh [Fri, 4 Aug 2017 11:57:52 +0000 (12:57 +0100)] 
Used StandardCharsets in a few places

5 months ago[Fediz-203] Making roles available for custom userInfoProvider
Jan Bernhardt [Fri, 28 Jul 2017 16:33:15 +0000 (18:33 +0200)] 
[Fediz-203] Making roles available for custom userInfoProvider

5 months agoMake sure we have an IdP token
Colm O hEigeartaigh [Mon, 24 Jul 2017 16:38:48 +0000 (17:38 +0100)] 
Make sure we have an IdP token

6 months agoRemoving some printlns
Colm O hEigeartaigh [Wed, 12 Jul 2017 17:03:30 +0000 (18:03 +0100)] 
Removing some printlns

6 months agoRemoving most of the info logging to the console for the systests
Colm O hEigeartaigh [Wed, 12 Jul 2017 16:59:31 +0000 (17:59 +0100)] 
Removing most of the info logging to the console for the systests

6 months agoAdding a test to show how to federate "unknown" subjects in the local STS
Colm O hEigeartaigh [Wed, 12 Jul 2017 15:39:05 +0000 (16:39 +0100)] 
Adding a test to show how to federate "unknown" subjects in the local STS

6 months ago[FEDIZ-203] Adding Jan's test too
Sergey Beryozkin [Wed, 12 Jul 2017 14:40:13 +0000 (15:40 +0100)] 
[FEDIZ-203] Adding Jan's test too

6 months ago[FEDIZ-203] Fediz-level work based on Jan's contribution
Sergey Beryozkin [Wed, 12 Jul 2017 13:45:30 +0000 (14:45 +0100)] 
[FEDIZ-203] Fediz-level work based on Jan's contribution

6 months agoRefactor of systests
Colm O hEigeartaigh [Wed, 12 Jul 2017 09:49:11 +0000 (10:49 +0100)] 
Refactor of systests

6 months agoRemoving BouncyCastle
Colm O hEigeartaigh [Tue, 11 Jul 2017 16:23:00 +0000 (17:23 +0100)] 
Removing BouncyCastle

6 months agoFEDIZ-204 - Drop Tomcat7, Jetty8, Spring Sec 2 containers
Colm O hEigeartaigh [Tue, 11 Jul 2017 16:19:29 +0000 (17:19 +0100)] 
FEDIZ-204 - Drop Tomcat7, Jetty8, Spring Sec 2 containers

6 months agoUpdating jdk version
Colm O hEigeartaigh [Tue, 11 Jul 2017 14:30:14 +0000 (15:30 +0100)] 
Updating jdk version

6 months agoUpdating master to 2.0.0-SNAPSHOT
Colm O hEigeartaigh [Tue, 11 Jul 2017 13:44:09 +0000 (14:44 +0100)] 
Updating master to 2.0.0-SNAPSHOT

6 months agoAdding roles tests
Colm O hEigeartaigh [Mon, 10 Jul 2017 10:48:47 +0000 (11:48 +0100)] 
Adding roles tests

6 months agoFixing typo with using URI as the key instead of a String
Colm O hEigeartaigh [Mon, 10 Jul 2017 10:40:13 +0000 (11:40 +0100)] 
Fixing typo with using URI as the key instead of a String

6 months agoReporting the roles as JSON array only
Sergey Beryozkin [Fri, 7 Jul 2017 12:11:31 +0000 (13:11 +0100)] 
Reporting the roles as JSON array only

6 months agoAnd setting it on the subjectCreator
Sergey Beryozkin [Fri, 7 Jul 2017 11:50:09 +0000 (12:50 +0100)] 
And setting it on the subjectCreator

6 months agoMaking the roles supported OOB
Sergey Beryozkin [Fri, 7 Jul 2017 11:42:42 +0000 (12:42 +0100)] 
Making the roles supported OOB

6 months agoAdjusting a bit the way the role claim is checked
Sergey Beryozkin [Fri, 7 Jul 2017 11:28:08 +0000 (12:28 +0100)] 
Adjusting a bit the way the role claim is checked

6 months agoFixing system test to always send Basic Auth creds to the token endpoint
Colm O hEigeartaigh [Mon, 3 Jul 2017 14:01:16 +0000 (15:01 +0100)] 
Fixing system test to always send Basic Auth creds to the token endpoint

6 months agoCXF upgrade
Colm O hEigeartaigh [Mon, 3 Jul 2017 09:01:48 +0000 (10:01 +0100)] 
CXF upgrade

6 months agoNormalizing logout service URIs, patch from Adrian Gonzalez applied, This closes #19
Sergey Beryozkin [Fri, 23 Jun 2017 10:26:55 +0000 (11:26 +0100)] 
Normalizing logout service URIs, patch from Adrian Gonzalez applied, This closes #19

7 months agoExclude bouncyCastle from the IdP
Colm O hEigeartaigh [Thu, 8 Jun 2017 09:18:58 +0000 (10:18 +0100)] 
Exclude bouncyCastle from the IdP

7 months agoRemove unused version
Colm O hEigeartaigh [Wed, 7 Jun 2017 16:16:25 +0000 (17:16 +0100)] 
Remove unused version

7 months agoApache DS upgrade
Colm O hEigeartaigh [Wed, 7 Jun 2017 10:18:08 +0000 (11:18 +0100)] 
Apache DS upgrade

7 months agoAdding token hint test
Colm O hEigeartaigh [Tue, 6 Jun 2017 16:26:10 +0000 (17:26 +0100)] 
Adding token hint test

7 months agoUsing the right Client instance for handling back channel requests
Sergey Beryozkin [Fri, 2 Jun 2017 16:02:00 +0000 (17:02 +0100)] 
Using the right Client instance for handling back channel requests

7 months agoMaking sure a given Client only gets a single back channel logout request
Sergey Beryozkin [Fri, 2 Jun 2017 15:58:11 +0000 (16:58 +0100)] 
Making sure a given Client only gets a single back channel logout request

7 months agoMinonr update
Sergey Beryozkin [Fri, 2 Jun 2017 12:43:21 +0000 (13:43 +0100)] 
Minonr update

7 months agoMaking sure BackChannel handler can use id_token_hint if it is available
Sergey Beryozkin [Fri, 2 Jun 2017 12:42:31 +0000 (13:42 +0100)] 
Making sure BackChannel handler can use id_token_hint if it is available

7 months agoPrototyping the initial back channel logout code
Sergey Beryozkin [Fri, 2 Jun 2017 12:22:45 +0000 (13:22 +0100)] 
Prototyping the initial back channel logout code

7 months agoConverting JoseException to 400
Sergey Beryozkin [Wed, 31 May 2017 15:39:13 +0000 (16:39 +0100)] 
Converting JoseException to 400

7 months agoidp_token_hint support for LogoutService
Sergey Beryozkin [Wed, 31 May 2017 13:39:10 +0000 (14:39 +0100)] 
idp_token_hint support for LogoutService

7 months agoEnforcing that if a client provides a logout_uri a size of the list of post_logout_ur...
Sergey Beryozkin [Wed, 31 May 2017 10:15:18 +0000 (11:15 +0100)] 
Enforcing that if a client provides a logout_uri a size of the list of post_logout_uris is 1 then the values must match

7 months agoUpdating BouncyCastle
Colm O hEigeartaigh [Thu, 25 May 2017 19:30:42 +0000 (20:30 +0100)] 
Updating BouncyCastle

8 months agoModify DOMUtils just to use a static DocumentBuilderFactory
Colm O hEigeartaigh [Fri, 19 May 2017 10:05:17 +0000 (11:05 +0100)] 
Modify DOMUtils just to use a static DocumentBuilderFactory

8 months agoEscape error messages relating to invalid URIs etc.
Colm O hEigeartaigh [Thu, 18 May 2017 09:22:16 +0000 (10:22 +0100)] 
Escape error messages relating to invalid URIs etc.

8 months agoRemove ESAPI
Colm O hEigeartaigh [Wed, 17 May 2017 16:29:57 +0000 (17:29 +0100)] 
Remove ESAPI

8 months agoAdding Batik notices
Colm O hEigeartaigh [Tue, 16 May 2017 11:25:33 +0000 (12:25 +0100)] 
Adding Batik notices

8 months agoAdding more licensing information
Colm O hEigeartaigh [Tue, 16 May 2017 11:16:06 +0000 (12:16 +0100)] 
Adding more licensing information

8 months agoMore licensing/notice work
Colm O hEigeartaigh [Mon, 15 May 2017 10:41:49 +0000 (11:41 +0100)] 
More licensing/notice work

8 months agoSwitching to use Apache Kerby 1.0.0 for kerberos integration testing
Colm O hEigeartaigh [Mon, 15 May 2017 09:07:48 +0000 (10:07 +0100)] 
Switching to use Apache Kerby 1.0.0 for kerberos integration testing