16 January 2016

Understanding Spring Web-Flow in Apache Fediz - Part 2

After explaining in Part 1 of this topic how the Spring Web-Flow will be initiated I'm going to review the actual flow in some more detail in this post.

The flow registry knows three flows:
  1. Federation Validate Request Flow
  2. Federation Signin Request Flow
  3. Federation Signin Response Flow
The first flow is linked to the fediz-idp/federation URL within the idp-servlet.xml file which is the usual entry point for the IDP. The two other flows are sub-flows which will be executed from within the first flow.
<webflow:flow-registry id="flowRegistry" flow-builder-services="builder">
    <webflow:flow-location path="/WEB-INF/flows/federation-validate-request.xml" id="federation" />
    <webflow:flow-location path="/WEB-INF/flows/federation-validate-request.xml" id="federation/up" />
    <webflow:flow-location path="/WEB-INF/flows/federation-validate-request.xml" id="federation/krb" />
    <webflow:flow-location path="/WEB-INF/flows/federation-validate-request.xml" id="federation/clientcert" />
    <webflow:flow-location path="/WEB-INF/flows/federation-signin-request.xml" id="signinRequest" />
    <webflow:flow-location path="/WEB-INF/flows/federation-signin-response.xml" id="signinResponse" />
</webflow:flow-registry>

Validate Request Flow


The main federation flow can be customized within the WEB-INF/flows/federation-validate-request.xml file. The standard flow looks like this:


07 January 2016

Understanding Spring Web-Flow in Apache Fediz - Part 1

When I started to work with Apache Fediz, most of the actions looked like magic to me, because I was not able to understand how Spring Security and Spring Web Flow have been used in Apache Fediz. After several hours of learning and investigation I finally understood how all this works together.

In this post I would like to share with you from what I understood of how Fediz works internally.