2 Replies Latest reply on Apr 1, 2011 1:48 PM by Anil Saldanha

    PicketLink chained authentication

    Todd Story Newbie

      Is something like below possible?  We're trying to support guest users or authentication from another source.  When I'm trying to work this, it seems that when I try to authenticate through a freezone, the picketlink redirects are still kicking in.  So,  is there a way to provide guest access to the areas that can also be served by logged-in (via PicketLink)?  In other words, the first part isn't necessarily required, just would be a nice to have as this is how chained authenticatino in JBoss is described.

       

      <deployment>

         <application-policy xmlns="urn:jboss:security-beans:1.0" name="sp">

             <authentication>

                 <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule"

                        flag="sufficient">

                    <module-option name="usersProperties">props/jmx-console-users.properties</module-option>

                    <module-option name="rolesProperties">props/jmx-console-roles.properties</module-option>             

                  </login-module>

       

                 <login-module code="org.picketlink.identity.federation.bindings.jboss.auth.SAML2LoginModule"

                               flag="sufficient">

                       <module-option name="unauthenticatedIdentity">anonymous</module-option>

                 </login-module>          

                </authentication>

         </application-policy>

      </deployment>