A new major release (1.3.0) of Apache CXF Fediz
a few weeks ago. There are some major dependency updates as part of this release:
- The core Apache CXF dependency is updated from the 3.0.x branch to the 3.1.x branch (3.1.6 to be precise)
- The Spring dependency of the IdP is updated from the 3.2.x branch to the 4.1.x branch.
Fediz contains a number of container plugins to support the Passive Requestor Profile of WS-Federation. The 1.3.0 release now supports container plugins for:
- Jetty 8 and 9 (new)
- Apache Tomcat 7 and 8 (new)
- Spring Security 2 and 3
- Apache CXF.
The Identity Provider (IdP) service has the following new features:
- The IdP now supports protocol bridging with OpenId Connect IdPs (see previous article on an interop demo with Keycloak).
- The IdP is now capable of supporting the SAML SSO protocol natively, in addition to the Passive Requestor Profile of WS-Federation.
- A new IdP service is now available which supports OpenId Connect by leveraging Apache CXF. By default it delegates authentication to the existing Fediz IdP using WS-Federation.
In a nutshell, the Fediz 1.3.0 IdP supports user authentication via the WS-Federation, SAML SSO and OpenId Connect protocols, and it can also bridge between all of these different protocols. This is a compelling selling point of Fediz, and one I will explore more in some forthcoming articles.
Post a Comment