Hi all,
- Is possible for the SP web application to get the Principal (maybe roles) after successful login from PicketLink IDP?
- Can the SP bypass (wihtout configuration) do an authentication request to idp by API? In reference to the document
http://community.jboss.org/wiki/JBossIdentityCodeSamples
Thanks!
The IDP sends back the user name and roles in the saml assertion. You can configure the valves on the SP side to create the subject with the information coming from the IDP.