cxf-fediz.git
13 hours agoSwitching static DocumentBuilderFactory to use a ThreadLocal instead master
Colm O hEigeartaigh [Tue, 22 May 2018 13:25:23 +0000 (14:25 +0100)] 
Switching static DocumentBuilderFactory to use a ThreadLocal instead

5 days agoAdding CSRF tests for SAML SSO
Colm O hEigeartaigh [Thu, 17 May 2018 16:30:42 +0000 (17:30 +0100)] 
Adding CSRF tests for SAML SSO

5 days agoAdding entity expansion attacks for SAML SSO
Colm O hEigeartaigh [Thu, 17 May 2018 16:22:35 +0000 (17:22 +0100)] 
Adding entity expansion attacks for SAML SSO

5 days agoAdd support to redirect the SAML SSO RP when the session expires
Colm O hEigeartaigh [Thu, 17 May 2018 16:09:12 +0000 (17:09 +0100)] 
Add support to redirect the SAML SSO RP when the session expires

5 days agoAdding a modified SignatureValue test for SAML SSO
Colm O hEigeartaigh [Thu, 17 May 2018 13:23:33 +0000 (14:23 +0100)] 
Adding a modified SignatureValue test for SAML SSO

5 days agoUpdating Tomcat
Colm O hEigeartaigh [Thu, 17 May 2018 11:07:31 +0000 (12:07 +0100)] 
Updating Tomcat

5 days agoEnabled modified signature test for SAML SSO
Colm O hEigeartaigh [Thu, 17 May 2018 09:52:52 +0000 (10:52 +0100)] 
Enabled modified signature test for SAML SSO

6 days agoAdding SAML SSO RP tests
Colm O hEigeartaigh [Wed, 16 May 2018 16:42:09 +0000 (17:42 +0100)] 
Adding SAML SSO RP tests

6 days agoFix to get correct context variable in the Tomcat8 handler for SAML SSO
Colm O hEigeartaigh [Wed, 16 May 2018 15:04:57 +0000 (16:04 +0100)] 
Fix to get correct context variable in the Tomcat8 handler for SAML SSO

6 days agoFixing failing test
Colm O hEigeartaigh [Wed, 16 May 2018 13:28:00 +0000 (14:28 +0100)] 
Fixing failing test

6 days agoMerge pull request #27 from amergey/master
Colm O hEigeartaigh [Wed, 16 May 2018 13:04:46 +0000 (14:04 +0100)] 
Merge pull request #27 from amergey/master

[FEDIZ-217] Fix SAML authentication in Plugin

8 days ago[FEDIZ-217] Fix SAML authentication in Plugin 27/head
arnaud.mergey@semarchy.com [Mon, 14 May 2018 15:58:40 +0000 (17:58 +0200)] 
[FEDIZ-217] Fix SAML authentication in Plugin

RequestState needs to be saved before redirecting to IDP in order to be
retrieved when IDP post back authentication token.

2 weeks agoEnsure relayState is url-encoded as well
Francesco Chicchiricc├▓ [Tue, 8 May 2018 13:08:35 +0000 (15:08 +0200)] 
Ensure relayState is url-encoded as well

2 weeks agoUpport different signature algorithms for the SAML SSO Redirect Binding
Colm O hEigeartaigh [Wed, 2 May 2018 10:08:53 +0000 (11:08 +0100)] 
Upport different signature algorithms for the SAML SSO Redirect Binding

2 weeks agoUpdating CXF + WSS4J
Colm O hEigeartaigh [Wed, 2 May 2018 10:08:42 +0000 (11:08 +0100)] 
Updating CXF + WSS4J

6 weeks agoUpgrading Tomcat
Colm O hEigeartaigh [Tue, 10 Apr 2018 09:15:36 +0000 (10:15 +0100)] 
Upgrading Tomcat

8 weeks agoUpdating to CXF 3.2.4
Colm O hEigeartaigh [Mon, 26 Mar 2018 14:58:12 +0000 (15:58 +0100)] 
Updating to CXF 3.2.4

2 months agoUpdating CXF
Colm O hEigeartaigh [Tue, 20 Mar 2018 10:31:53 +0000 (10:31 +0000)] 
Updating CXF

2 months agoTomcat update
Colm O hEigeartaigh [Tue, 13 Mar 2018 16:26:31 +0000 (16:26 +0000)] 
Tomcat update

2 months agoAdding further DocType test for the plugins
Colm O hEigeartaigh [Thu, 8 Mar 2018 14:51:48 +0000 (14:51 +0000)] 
Adding further DocType test for the plugins

2 months agoAdding the secure processing feature in the IdP
Colm O hEigeartaigh [Thu, 8 Mar 2018 10:42:25 +0000 (10:42 +0000)] 
Adding the secure processing feature in the IdP

2 months agoMake sure DocTypes are disallowed
Colm O hEigeartaigh [Wed, 7 Mar 2018 17:26:25 +0000 (17:26 +0000)] 
Make sure DocTypes are disallowed

2 months agoUpdating Apache parent pom
Colm O hEigeartaigh [Mon, 5 Mar 2018 18:36:04 +0000 (18:36 +0000)] 
Updating Apache parent pom

2 months agoAdding a test for a SAML Subject with a comment
Colm O hEigeartaigh [Wed, 28 Feb 2018 13:02:10 +0000 (13:02 +0000)] 
Adding a test for a SAML Subject with a comment

3 months agoUpdating Tomcat
Colm O hEigeartaigh [Tue, 13 Feb 2018 16:12:01 +0000 (16:12 +0000)] 
Updating Tomcat

3 months agoCXF upgrade
Colm O hEigeartaigh [Wed, 7 Feb 2018 10:06:25 +0000 (10:06 +0000)] 
CXF upgrade

3 months agoUpdating WSS4J
Colm O hEigeartaigh [Tue, 30 Jan 2018 12:32:04 +0000 (12:32 +0000)] 
Updating WSS4J

4 months agoMinor fix
Colm O hEigeartaigh [Fri, 19 Jan 2018 11:59:32 +0000 (11:59 +0000)] 
Minor fix

4 months agoUpdating NOTICE year
Colm O hEigeartaigh [Thu, 4 Jan 2018 13:14:09 +0000 (13:14 +0000)] 
Updating NOTICE year

5 months agoJackson upgrade
Colm O hEigeartaigh [Tue, 12 Dec 2017 10:37:18 +0000 (10:37 +0000)] 
Jackson upgrade

5 months agoKerby upgrade
Colm O hEigeartaigh [Mon, 27 Nov 2017 12:48:19 +0000 (12:48 +0000)] 
Kerby upgrade

5 months agoAdding 1.4.3 release notes
Colm O hEigeartaigh [Thu, 23 Nov 2017 13:06:33 +0000 (13:06 +0000)] 
Adding 1.4.3 release notes

6 months agoIDP maxParameter size is set only if positive
gonzalad [Fri, 17 Nov 2017 00:27:38 +0000 (01:27 +0100)] 
IDP maxParameter size is set only if positive

maxParameter size should be set only if positive,
otherwise, we'll use default value.

6 months agofix ut Spring Plugin relativePath
gonzalad [Tue, 14 Nov 2017 21:59:08 +0000 (22:59 +0100)] 
fix ut Spring Plugin relativePath

Fix unit tests for Spring Plugin relativePath.

6 months agoFEDIZ-212: fix logout when no httpSession present
gonzalad [Tue, 14 Nov 2017 17:49:33 +0000 (18:49 +0100)] 
FEDIZ-212: fix logout when no httpSession present

* FEDIZ-212: fix logout when no httpSession present

Add allowAnonymousLogout attribute.

When this attribute is explicitly set to true, if a non-logged-in user
tries to logout, logout process continues without raising a OAuthServiceException.

Otherwise, it works as before : OIDC throws a OAuthServiceException if a non
logged-in user tries to logout.

6 months agoDBLoaderSpring propagates caller environment
gonzalad [Sun, 12 Nov 2017 22:58:00 +0000 (23:58 +0100)] 
DBLoaderSpring propagates caller environment

DBLoaderSpring now propagates the Spring
environment from the calling context.

6 months agoAdd relativePath to Spring RP Plugin
gonzalad [Tue, 14 Nov 2017 17:40:27 +0000 (18:40 +0100)] 
Add relativePath to Spring RP Plugin

The new relativePath allows to reference files
in fediz_config.xml from a relative location.

6 months agoid_token exp should be computed at creation time
gonzalad [Tue, 14 Nov 2017 17:39:41 +0000 (18:39 +0100)] 
id_token exp should be computed at creation time

id_token expiry claim is now computed at id_token generation time.

It was previously computed from SAML token expiry.
Since SAML token is generated once per OIDC httpSession
and can be reused for generating multiple id_token, it introduced
some issues where the id_token is generated with an already expired claim.

We now compute the exp claim as :

 * use timeToLive attribute of FedizSubjectCreator if it is strictly positive.
 * use maxInactiveInterval from httpSession if it is strictly positive.
 * otherwise use the default of 1 hour.

6 months agoUpdating Tomcat
Colm O hEigeartaigh [Tue, 14 Nov 2017 15:41:17 +0000 (15:41 +0000)] 
Updating Tomcat

6 months agoUpdating CXF
Colm O hEigeartaigh [Tue, 7 Nov 2017 10:34:14 +0000 (10:34 +0000)] 
Updating CXF

6 months agoUpdate HowToGenerateKeysREADME.html
Matthew Broadhead [Sat, 28 Oct 2017 18:20:07 +0000 (20:20 +0200)] 
Update HowToGenerateKeysREADME.html
 - This closes #22

idp-ssl-key.jks is mentioned as idp-ssl-server.jks

6 months agoThis closes #21
Colm O hEigeartaigh [Tue, 31 Oct 2017 11:47:05 +0000 (11:47 +0000)] 
This closes #21

6 months agoUpdate HowToGenerateKeysREADME.html
Matthew Broadhead [Thu, 26 Oct 2017 08:53:04 +0000 (10:53 +0200)] 
Update HowToGenerateKeysREADME.html

examples/samplekeys/ststrust.jks contains alias idpcert but this how to does not mention that it should be added

6 months agoCompiler plugin upgrade
Colm O hEigeartaigh [Thu, 26 Oct 2017 11:34:43 +0000 (12:34 +0100)] 
Compiler plugin upgrade

6 months agoUpdating BUILDING.txt
Colm O hEigeartaigh [Wed, 25 Oct 2017 11:08:34 +0000 (12:08 +0100)] 
Updating BUILDING.txt

6 months agoFixing formatting
Colm O hEigeartaigh [Wed, 25 Oct 2017 10:52:52 +0000 (11:52 +0100)] 
Fixing formatting

7 months agoRevert "Adding for SAML endpoint as well"
Colm O hEigeartaigh [Thu, 19 Oct 2017 15:10:07 +0000 (16:10 +0100)] 
Revert "Adding for SAML endpoint as well"

This reverts commit 4dfdfe133b9eec162fb299f74e76774c3cf72200.

7 months agoAdding for SAML endpoint as well
Colm O hEigeartaigh [Thu, 19 Oct 2017 14:53:47 +0000 (15:53 +0100)] 
Adding for SAML endpoint as well

7 months agoAdding CSRF part for the login form
Colm O hEigeartaigh [Thu, 19 Oct 2017 14:20:59 +0000 (15:20 +0100)] 
Adding CSRF part for the login form

7 months agoUpdating surefire
Colm O hEigeartaigh [Wed, 18 Oct 2017 11:49:10 +0000 (12:49 +0100)] 
Updating surefire

7 months agoAdding ErrorProne plugin
Colm O hEigeartaigh [Mon, 16 Oct 2017 10:57:12 +0000 (11:57 +0100)] 
Adding ErrorProne plugin

7 months agoFEDIZ-213 - Spring plugins don't handle token expiration properly
Colm O hEigeartaigh [Wed, 11 Oct 2017 08:42:51 +0000 (09:42 +0100)] 
FEDIZ-213 - Spring plugins don't handle token expiration properly

7 months agoAdding token expiration tests for the plugins
Colm O hEigeartaigh [Tue, 10 Oct 2017 14:52:48 +0000 (15:52 +0100)] 
Adding token expiration tests for the plugins

7 months agoSome improvements to the Spring plugins
Colm O hEigeartaigh [Fri, 6 Oct 2017 15:16:19 +0000 (16:16 +0100)] 
Some improvements to the Spring plugins

7 months agoFEDIZ-211 - Local IdP redirection (after token expiry) is not working
Colm O hEigeartaigh [Thu, 5 Oct 2017 14:23:14 +0000 (15:23 +0100)] 
FEDIZ-211 - Local IdP redirection (after token expiry) is not working

7 months agoConsolidating some of the Tomcat test config files
Colm O hEigeartaigh [Thu, 5 Oct 2017 13:12:46 +0000 (14:12 +0100)] 
Consolidating some of the Tomcat test config files

7 months agoFixing a few code warnings
Colm O hEigeartaigh [Thu, 5 Oct 2017 12:58:21 +0000 (13:58 +0100)] 
Fixing a few code warnings

7 months agoRemoving old spring2 test config
Colm O hEigeartaigh [Wed, 4 Oct 2017 18:21:10 +0000 (19:21 +0100)] 
Removing old spring2 test config

7 months agoFEDIZ-210 - Limit IdP request parameter size
Colm O hEigeartaigh [Fri, 29 Sep 2017 12:20:48 +0000 (13:20 +0100)] 
FEDIZ-210 - Limit IdP request parameter size

7 months agoUpgrading to CXF 3.2.x
Colm O hEigeartaigh [Wed, 27 Sep 2017 13:28:16 +0000 (14:28 +0100)] 
Upgrading to CXF 3.2.x

7 months agoMove to use Java 8's Base64 implementation
Colm O hEigeartaigh [Tue, 26 Sep 2017 17:01:42 +0000 (18:01 +0100)] 
Move to use Java 8's Base64 implementation

7 months agoUpgrade STS + IdP integration tests to use the jetty9 maven plugin
Colm O hEigeartaigh [Tue, 26 Sep 2017 12:38:12 +0000 (13:38 +0100)] 
Upgrade STS + IdP integration tests to use the jetty9 maven plugin

8 months agoRemoving PermGen stuff
Colm O hEigeartaigh [Tue, 12 Sep 2017 16:43:17 +0000 (17:43 +0100)] 
Removing PermGen stuff

8 months agoFixing scm stuff
Colm O hEigeartaigh [Tue, 12 Sep 2017 13:40:00 +0000 (14:40 +0100)] 
Fixing scm stuff

8 months agoUpdating release notes for 1.4.2
Colm O hEigeartaigh [Tue, 12 Sep 2017 12:10:23 +0000 (13:10 +0100)] 
Updating release notes for 1.4.2

8 months agoFEDIZ-209 - Make FedizResponse properly serializable
Colm O hEigeartaigh [Tue, 12 Sep 2017 12:10:09 +0000 (13:10 +0100)] 
FEDIZ-209 - Make FedizResponse properly serializable

8 months agoUpdating to released CXF version
Colm O hEigeartaigh [Mon, 11 Sep 2017 16:25:09 +0000 (17:25 +0100)] 
Updating to released CXF version

8 months agoAdding an option to strip a path comp off from the dynamically calculated issuer uri
Sergey Beryozkin [Fri, 8 Sep 2017 10:58:40 +0000 (11:58 +0100)] 
Adding an option to strip a path comp off from the dynamically calculated issuer uri

8 months agoWSS4J + Kerby update
Colm O hEigeartaigh [Mon, 4 Sep 2017 17:05:48 +0000 (18:05 +0100)] 
WSS4J + Kerby update

8 months agoUpdating Tomcat8
Colm O hEigeartaigh [Wed, 30 Aug 2017 14:19:13 +0000 (15:19 +0100)] 
Updating Tomcat8

8 months ago[FEDIZ-207] Using the login name for a moment
Sergey Beryozkin [Tue, 29 Aug 2017 14:37:30 +0000 (15:37 +0100)] 
[FEDIZ-207] Using the login name for a moment

8 months agoAdding a name claim hint to the logout token
Sergey Beryozkin [Mon, 28 Aug 2017 10:44:22 +0000 (11:44 +0100)] 
Adding a name claim hint to the logout token

9 months agoTweaking a bit a stack trace related log message
Sergey Beryozkin [Fri, 18 Aug 2017 10:28:57 +0000 (11:28 +0100)] 
Tweaking a bit a stack trace related log message

9 months agoAnd adding some logging to BackChannelLogoutHandler as suggested by Ievgen
Sergey Beryozkin [Fri, 18 Aug 2017 10:19:29 +0000 (11:19 +0100)] 
And adding some logging to BackChannelLogoutHandler as suggested by Ievgen

9 months agoFixing a typo in BackChannelLogoutHandler as spotted by Ievgen Tarasov
Sergey Beryozkin [Fri, 18 Aug 2017 09:47:05 +0000 (10:47 +0100)] 
Fixing a typo in BackChannelLogoutHandler as spotted by Ievgen Tarasov

9 months agoSome dependency updates
Colm O hEigeartaigh [Wed, 16 Aug 2017 10:50:32 +0000 (11:50 +0100)] 
Some dependency updates

9 months agoUpdating release notes
Colm O hEigeartaigh [Mon, 14 Aug 2017 11:12:37 +0000 (12:12 +0100)] 
Updating release notes

9 months agoUpdating a few dependencies
Colm O hEigeartaigh [Fri, 11 Aug 2017 14:44:47 +0000 (15:44 +0100)] 
Updating a few dependencies

9 months agoRemoving accidental commit
Colm O hEigeartaigh [Thu, 10 Aug 2017 16:43:29 +0000 (17:43 +0100)] 
Removing accidental commit

9 months agoUpgrading Spring Webflow
Colm O hEigeartaigh [Wed, 9 Aug 2017 17:02:11 +0000 (18:02 +0100)] 
Upgrading Spring Webflow

9 months agoFix to default to taking the RACS URL from the application configuration.
Colm O hEigeartaigh [Wed, 9 Aug 2017 14:25:45 +0000 (15:25 +0100)] 
Fix to default to taking the RACS URL from the application configuration.

9 months agoFEDIZ-205 - Support creating IdP Metadata for SAML SSO
Colm O hEigeartaigh [Wed, 9 Aug 2017 11:41:34 +0000 (12:41 +0100)] 
FEDIZ-205 - Support creating IdP Metadata for SAML SSO

9 months agoFixing tests
Colm O hEigeartaigh [Wed, 9 Aug 2017 11:39:19 +0000 (12:39 +0100)] 
Fixing tests

9 months agoSwitch the SAML issuer to be the IDP URL as opposed to the realm
Colm O hEigeartaigh [Wed, 9 Aug 2017 10:45:37 +0000 (11:45 +0100)] 
Switch the SAML issuer to be the IDP URL as opposed to the realm

9 months agoReturn the IdP metadata if no realm is specified.
Colm O hEigeartaigh [Wed, 9 Aug 2017 09:26:38 +0000 (10:26 +0100)] 
Return the IdP metadata if no realm is specified.

9 months agoUsed StandardCharsets in a few places
Colm O hEigeartaigh [Fri, 4 Aug 2017 11:57:52 +0000 (12:57 +0100)] 
Used StandardCharsets in a few places

9 months ago[Fediz-203] Making roles available for custom userInfoProvider
Jan Bernhardt [Fri, 28 Jul 2017 16:33:15 +0000 (18:33 +0200)] 
[Fediz-203] Making roles available for custom userInfoProvider

9 months agoMake sure we have an IdP token
Colm O hEigeartaigh [Mon, 24 Jul 2017 16:38:48 +0000 (17:38 +0100)] 
Make sure we have an IdP token

10 months agoRemoving some printlns
Colm O hEigeartaigh [Wed, 12 Jul 2017 17:03:30 +0000 (18:03 +0100)] 
Removing some printlns

10 months agoRemoving most of the info logging to the console for the systests
Colm O hEigeartaigh [Wed, 12 Jul 2017 16:59:31 +0000 (17:59 +0100)] 
Removing most of the info logging to the console for the systests

10 months agoAdding a test to show how to federate "unknown" subjects in the local STS
Colm O hEigeartaigh [Wed, 12 Jul 2017 15:39:05 +0000 (16:39 +0100)] 
Adding a test to show how to federate "unknown" subjects in the local STS

10 months ago[FEDIZ-203] Adding Jan's test too
Sergey Beryozkin [Wed, 12 Jul 2017 14:40:13 +0000 (15:40 +0100)] 
[FEDIZ-203] Adding Jan's test too

10 months ago[FEDIZ-203] Fediz-level work based on Jan's contribution
Sergey Beryozkin [Wed, 12 Jul 2017 13:45:30 +0000 (14:45 +0100)] 
[FEDIZ-203] Fediz-level work based on Jan's contribution

10 months agoRefactor of systests
Colm O hEigeartaigh [Wed, 12 Jul 2017 09:49:11 +0000 (10:49 +0100)] 
Refactor of systests

10 months agoRemoving BouncyCastle
Colm O hEigeartaigh [Tue, 11 Jul 2017 16:23:00 +0000 (17:23 +0100)] 
Removing BouncyCastle

10 months agoFEDIZ-204 - Drop Tomcat7, Jetty8, Spring Sec 2 containers
Colm O hEigeartaigh [Tue, 11 Jul 2017 16:19:29 +0000 (17:19 +0100)] 
FEDIZ-204 - Drop Tomcat7, Jetty8, Spring Sec 2 containers

10 months agoUpdating jdk version
Colm O hEigeartaigh [Tue, 11 Jul 2017 14:30:14 +0000 (15:30 +0100)] 
Updating jdk version

10 months agoUpdating master to 2.0.0-SNAPSHOT
Colm O hEigeartaigh [Tue, 11 Jul 2017 13:44:09 +0000 (14:44 +0100)] 
Updating master to 2.0.0-SNAPSHOT

10 months agoAdding roles tests
Colm O hEigeartaigh [Mon, 10 Jul 2017 10:48:47 +0000 (11:48 +0100)] 
Adding roles tests

10 months agoFixing typo with using URI as the key instead of a String
Colm O hEigeartaigh [Mon, 10 Jul 2017 10:40:13 +0000 (11:40 +0100)] 
Fixing typo with using URI as the key instead of a String