What is PicketBox?

PicketBox (formerly JBoss Security) is a security framework for Java Applications.

The features available are:

1. Authentication
2. Authorization/Access Control
3. Auditing
4. Mapping (Principal/Roles/Attribute)

The advantage is a simple framework with a single configuration file to handle.

Project Page is http://jboss.org/picketbox.

Environment Needed

PicketBox should run in a regular J2SE (Java JRE) environment. Of course, some dependencies are needed.

Download Releases

• 3.0.0.Beta6 is released on May 13, 2010.

Steps:

1. Pick the zip from PicketBox Downloads
2. If you are in a non-JBoss Application Server environment, you need the jboss-logging-spi.jar. Download it from here.

Relationship between PicketBox and PicketLink

• PicketBox is the foundational security framework that provides the authentication, authorization, audit and mapping capabilities to Java applications.
• PicketLink (formerly, JBoss Identity) builds on PicketBox foundation and provides an identity model, federated identity support (SAML, WS-Trust, OpenID), Authz(access control developer api), Negotiation (SPNego/Kerberos based desktop SSO).

Advanced Information ( PicketBox FAQ)

1. JSR-196 Callback Handler for JCA 1.6 Integration
2. PicketBox in JBoss Application Server 5.1

Latest Information

• Anil's Security Blog
• PicketBox Project Page 
• PicketLink Project