There is a nice example of PicketLinkSTS server in eap quickstarts:  http://www.jboss.org/quickstarts/eap/picketlink-sts/

It is has good  explanation about how to get SAML token and validate it. Unfortunately  there is no example about how to use it to protect WebService endpoint.

Can someone give me hint there to find such example ? examlpe for WS-trust and picketlink-sts .

All I can find is this https://developer.jboss.org/wiki/SAMLEnabledPOJOWebServices

but it is looks like really old.  is there something new actuall for EAP 7-6  or wildfly ?

Thanks in advance for any hints !