Last week Colm announced that support for SAML Web SSO profile was available starting from CXF 2.6.1.
We have also created a new CXF wiki page dedicated to describing the way the CXF JAX-RS applications can be protected with SAML SSO filters.
Colm has done a comprehensive testing against many popular IDP implementations which support SAML SSO and we believe that CXF offers one of the most configurable and interoperable SP SAML SSO implementations, even at this early stage.
I think it is a pretty major milestone for CXF JAX-RS and for CXF Security overall. CXF already offers a production quality WS-Trust STS implementation, Oliver has just finished the first release of Fediz. Having a quality Service Provider SAML SSO support will help users get CXF JAX-RS endpoints integrated with the enterprise security services which is very important.
This SSO support and other SSO implementations to be supported by CXF will also make it easier to build more distributed OAuth2 applications.
We are planning to work on a demo demonstrating SAML Web SSO in action. Stay tuned :-)