1 Reply Latest reply on Apr 15, 2012 1:51 PM by anil.saldhana

Securing WebServices with SAML 2 on AS 7.1 / Alternative for SAML2Handler

timo.hirt Apr 12, 2012 2:13 PM

I am trying to secure a EJB WebService and need to authenticate a user by a SAML 2 assertion. I configured a handler chain as described in https://community.jboss.org/wiki/SAMLEnabledPOJOWebServices. All descriptions in the documentation (e.g. https://community.jboss.org/wiki/SAMLEnabledJBossWebServices) utilze the SAML2Handler (org.picketlink.trust.jbossws.handler.SAML2Handler) of picketlink-trust. Since this jar file is not available for AS 7.1 are there any alternatives to this in Picketlink 2.0.3 the secure WebServices using SAML2?

1. Re: Securing WebServices with SAML 2 on AS 7.1 / Alternative for SAML2Handler

anil.saldhana Apr 15, 2012 1:51 PM (in response to timo.hirt)

Sorry, Timo, we have not gotten to this yet. I think the SAML2Handler will work in AS71 too but we still have not tested it. The trust jar contains a lot of AS5/6 specific codebase that needs to be isolated from a trust jar for AS71.
Actions