Versions: Wildfly 8.2.0Final, PicketLink 2.0.7.CR3

I have successful deployed the sample WS-Trust Security Token Service ("sample EAP-6.3.0\jboss-eap-6.3.0.GA-quickstarts\picketlink-sts") implementation on the Wildfly AS, and I can get SAML assertion, too.

I developled a pojo WebService, I called its method from SOAP UI (insert the generated SAML assertion into the request header).

I have added 2 handler into the webservice handler chain:

1. Writing SOAPHandler that sets soap:mustUnderstand in Security tag to false

2. Adding picketlink SAML2Handler programatically to the handler chain

After that I was able to get the right principal from the webservice method.

I have checked in the Wildfly's modules directory and also in the picketlink installer (ant script), that in case of wildfly there wont be install the picketlink-jbas7-2.7.0.CR3.jar containing the

org.picketlink.trust.jbossws.handler.SAML2Handler class, it will be installed only in case of jboss. So I have to add this jar (and also some others) to my project manually, as org.picketlink module doesn't contain it.

But my main problem is, that in the standalone.xml I have to config a security domain using org.picketlink.identity.federation.bindings.jboss.auth.SAML2STSLoginModule, and this class is also in picketlink-jbas7-2.7.0.CR3.jar.

Could anyone tell me, why theese classes (org.picketlink.trust.jbossws.handler.SAML2Handler, org.picketlink.identity.federation.bindings.jboss.auth.SAML2STSLoginModule) are not in the picketlink module of the Wildfly AS?

Is there a good sample to secure EJB WebService (with @RolesAllowed annotation) using SAML assertion in Wildfly AS? Or there is only support for it in JBoss AS?

I have used theese articles:

SAML Enabled POJO Web Services

https://developer.jboss.org/wiki/SAMLWSIntegrationwithPicketLinkSTS

Thanks a lot in advance!