Picketlink + SAML: authorize multiple applications (WAR) acting as a single service provider Hello We are currently developing an application for a customer. The project has the restriction that we shall deliver only deployable WAR/EAR files. The customer provides the infrastructure and doesn't allow ... 
PicketLink with SAML and POST - does a redirect instead of a POST in the end Hi, I'm using picketlink and WildFly 9.0.2 for SAML with POST SSO. All goes as expected until the end where I'm getting a GET redirect instead of a POST. Short version: Quick call stack : SP ... 
picketlink-federation-saml-sp-post-with-signature cant configure security domain with cli Anybody know what this means in regards to picketlink-federation-saml-sp-post-with-signature, I followed the instructions as specified to utilize the security domain cli, but I get the following. configure-sec... 
Unable to logout after upgrading to JBoss-EAP-7.0 Hello, We migrated from jboss-eap-6.2 to jboss-eap-7.0. Also updated Picketlink version from PicketLink v2.7.0.CR2 to PicketLink v2.7.1. After migration, login is working properly. But global logout is ... 
Installation does not work I have an enterprise application that I am working on, I am the new Security expert on the team, and I have been raving about the picketlink support to the team. When I was working to implement this solution I f... Tomcat IdP and SSL I have setup two simple picketlink based apps on Tomcat 7. I have an identity provider (IdP) and a service provider (SP). It is used by accessing the SP which communicates with the IdP which provides login again... 
"SigningKey cannot be null" when using keystore file in the sample apps I installed and setup Picketlink for working with SAML. I was successfully able to use the sample applications with their default configurations. I want to use the sales-post-sig as the SP and my own IDP. For doing th... 
Null pointer exception in SAML2AuthenticationHandler.java - art.getProtocolBinding().toString() The SAML standard has the protocol binding as "optional" information. There are some 3rd party implementations of SAML which take this "optional" quite literally (such as OpenSAML) and do not use it on a default confi... 
Quickstart jboss-cli script - "Configure JBoss to use SSL" failing I'm working my way through the picketlink quick starts (picketlink-angularjs-rest to begin with). I'm definitely reaching out of my comfort zone with this stuff, so hopefully not a lame user-error issue here..... 
How to use Picketlink basic model objects in an existing JPA entity model? Hello, I have an existing JPA entity model, and I would like to use the basic User object in it, like this: @Entity public class Invoice implements Serializable { (...) @ManyToOne... 
Prevent direct access URL with picketlink I'm devlopping a Java web application with Picketlink and I've managed all the page access with the class HttpSecurityConfiguration.java. So when I log with the administrator login I can access to the "protected" page... 
Custom Authorizer does not work Hi, I use one of the PL quickstarts - picketlink-authentication-jsf - and then add a custom authorizer. As the authentication in this example does not use any IDM, I want to do the same for authorization. My ... 
Problem with global logout Hi, I am using Salesforce as my IDP and Picketlink as my SP. I am using the following link as mentioned in the tutorials for global logout in my SP. http://localhost:8080/application_context/?GLO=true Please find t... Canonicalization algorithm (http://www.w3.org/2001/10/xml-exc-c14n#WithComments) from Authn Request is not supported Hello All, My client uses F5 BIG IP APM as IDP. When I am sending sp-metadata without any certificate, we are able to login. But due to some patch on client IDP, it requires assertions to be signed whil... Picketlink Logout followed by immediate LogIn causes internal Picketlink errors Hi, I'm running across an instance where the call to logout using <IDP Server>/?GLO=true, which then displays the login page, followed by an immediate login is causing a null pointer exception in the Pic... Customize "AccessDeniedException" default error message. Hello, I am very new to the picketlink project, I am using 2.7.1.Final on wildfly10. with JSF2 CDI, PrimeFaces etc. When user invokes the following method from JSF page(Button). It will show a error messa... 
IdP and SP (not picketlink) with RelayState Hi to all, I have a BIG problem with Picketlink Idp and I don’t know how to go on. First, i’m a newbe of Idp Picketlink and in the last week I need to configure an SAML integration between two ou... 
Supporting SAML 2.0 Extensions - Async SLO We are currently running an IdP using PicketLInk 2.1.6, on JBoss AS 7.2, along with several applications running as SP's on a variety of technologies. We've successfully leveraged several other extension points ... 
How to protect webservice endpoint using SAML picketlink-sts from eap quickstarts ? There is a nice example of PicketLinkSTS server in eap quickstarts: http://www.jboss.org/quickstarts/eap/picketlink-sts/ It is has good explanation about how to get SAML token and validate it. Unfortunate... 
GLO=true not triggering SAML LogoutRequest to the IdP Running Wildfly 8.2.0 and Picketlink 2.7.1-Final. Logging in via the IdP works beautifully, but for some reason hitting the SP with "?GLO=true" does not go through the SAML2LogoutHandler. Here's the picketlin... 
Log in to follow, share, and participate in this community.