4 Replies Latest reply on Jul 11, 2011 1:39 AM by Marcel Dullaart

    How to configure the SAML2AttributeHandler

    Marcel Dullaart Newbie

      Hi,

       

      I am working on changing the authentication method from Kerberos/SPNEGO based to SAML based solution, where ADFS is choosen as IDP.

      A large number of JEE applications is deployed using Kerberos/SPNEGO authentication on our JBoss AS 4.3 EAP platform.

      Therefor it seems logical to utilise picketlink-1.0.4.final as SP on the JBoss platform.

       

      First off all, using the description on the wiki I succesfully configured a demo application to authenticate, even with kerberos authentication against the IDP.

      I am currently facing an issue retrieving additional profile attributes from the saml response.

      I added the SAML2AttributeHandler to the Handlers, but it doesn't seem to do anything.

       

      Reading through the code I found that I needed to add an AttributeManager so I added the JBossAppServerAttributeManager to the handler config.

      Still nothing.

       

      Can you provide the configuration options for the SAML2AttributeHandler?