-
1. Re: Can someone help with picketlink SAML and Jboss Setup
anil.saldhana Apr 25, 2010 12:21 AM (in response to morrowjl)1 of 1 people found this helpfulLook at https://community.jboss.org/wiki/PicketLinkArchitectures, which hints at the STS acting as the center of a trusted heterogeneous system.
The STS is what creates the trust anchor for your system. Every unit in the system relies on the STS for trust.
-
2. Re: Can someone help with picketlink SAML and Jboss Setup
morrowjl Apr 26, 2010 11:23 AM (in response to anil.saldhana)Thank you very much for helping. I looked at the page and we are currently working to implement calling the Picketlink STS.
-
3. Re: Can someone help with picketlink SAML and Jboss Setup
ghilgers Apr 26, 2010 6:48 PM (in response to morrowjl)Jamere
I work for a company called Ping Identity and our expertise is SAML. I'd be happy to hear more about the issues you are having and see if there are some ways we can help. Let me know if you have interest. Also, feel free to visit our website www.pingidentity.com for more information. I look forward to your response.
Best Regards,
Graham
-
4. Re: Can someone help with picketlink SAML and Jboss Setup
morrowjl Apr 27, 2010 10:13 AM (in response to ghilgers)Well this issue is that we are trying to configure our web services to use JBOSS and SAML. So I have reviewed the orignal link that I was referred to. We are using is SOAP and we are trying to see is after we configure SAML using the JARS from http://community.jboss.org/wiki/CheatsheetPicketLinkandJBossAS#cf and xml for the Service Provider and Identity Provider, do we need to put the assertions within our SOAP messages?
Basically, we are trying to find out what components are needed to configure SAML to our services.
What I have located is:
PicketLink jars
create a picketlink_sts.xml file
configure Sercuirty and Identty Providers
** And...is there an example? I believe we are to add SAML Assertions into our SOAP messages, make the call to the PicketLink STS which will parse the request and marshall the object then send us a response. Is this correct??
Thanks everyone for all the help
-
5. Re: Can someone help with picketlink SAML and Jboss Setup
rashmirajappa Apr 27, 2010 10:38 AM (in response to morrowjl)You can start with deploying picketlink-sts.war from http://www.jboss.org/picketlink/downloads.html
And then follow the steps provided in http://community.jboss.org/wiki/PicketLinkSTS-WritingaTokenProvider to write your own Token Provider where you can create SAML Assertion as per your needs.
You can have a look at org.picketlink.identity.federation.core.wstrust.plugins.saml.SAML20TokenProvider.java from SVN It will give you an idea of how to use picketlink wrapped APIs and utils available for creating a SAML assertion.
regards,
Rashmi
-
6. Re: Can someone help with picketlink SAML and Jboss Setup
morrowjl Apr 27, 2010 11:40 AM (in response to rashmirajappa)Ok, So I am looking at what you said and I and trying to get a clear understanding. If our web services already use SOAP cant we skip over some of this and just use the SAML SOAP bingings to call the PicketLink STS web service?
Is it completely necessary for us to go through all these steps?
-
7. Re: Can someone help with picketlink SAML and Jboss Setup
rashmirajappa Apr 28, 2010 9:01 AM (in response to morrowjl)The steps i've mentioned earlier are the customizations available for PickteLink server.
If you are talking about client.
"If our web services already use SOAP cant we skip over some of this and just use the SAML SOAP bingings to call the PicketLink STS web service?"
Yes, this is possible. Read through this http://community.jboss.org/thread/150937?tstart=0
I'm trying to achieve a similar functionality.