I am creating a new thread for some questions in another thread. This question should be in its own thread. Thank you Pedro for pointing this out.
Can you give me some pointers to go further with PicketLink IDP and SP? I would like to have a MySQL database as the data store for the users and roles for the IdP. I would like my JEE6 application to be the SP. I am looking for sample code or any documentation to get started on this. I appreciate any help you can give me on this. Thank you.
The IDP uses JAAS during the authentication process. I think it is a matter of which LoginModule implementation you want. If you want to use a database as an identity store, there is an out-of-the-box LoginModule called org.jboss.security.auth.spi.DatabaseServerLoginModule. If you want to use an LDAP identity store, there is also another implementation.
You can also create a custom LoginModule to do whatever you want to ....
Take a look at this documentation: http://docs.jboss.org/jbosssecurity/docs/6.0/security_guide/html/Login_Modules.html.
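As an added illustration of the answer above (not from the original thread or from the PicketLink project), this is what a JAAS security domain backed by DatabaseServerLoginModule looks like in the JBoss AS 6 login-config.xml format that the linked guide covers. The domain name `idp`, the datasource JNDI name `java:/IdpDS` and the table/column names `users`, `user_roles`, `username`, `password`, `role` are assumptions; note that the rolesQuery must return the role name and the role-group literal `'Roles'`, and that passwords should be stored hashed rather than in clear text.

```xml
<!-- Added example: login-config.xml entry for a database-backed IDP security domain.
     Names below (idp, java:/IdpDS, users, user_roles, ...) are assumed, not from the thread. -->
<application-policy name="idp">
  <authentication>
    <login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule"
                  flag="required">
      <!-- Datasource that points at the MySQL identity store (assumed JNDI name) -->
      <module-option name="dsJndiName">java:/IdpDS</module-option>
      <!-- Must return exactly one column: the stored (hashed) password for the principal -->
      <module-option name="principalsQuery">
        SELECT password FROM users WHERE username = ?
      </module-option>
      <!-- Must return two columns: the role name and the role group, which is 'Roles'
           for authorization roles -->
      <module-option name="rolesQuery">
        SELECT role, 'Roles' FROM user_roles WHERE username = ?
      </module-option>
      <!-- Compare against hashed passwords instead of clear text in the users table -->
      <module-option name="hashAlgorithm">SHA-256</module-option>
      <module-option name="hashEncoding">base64</module-option>
      <!-- Do not use hashCharset defaults blindly; pin it so hashes are reproducible -->
      <module-option name="hashCharset">UTF-8</module-option>
    </login-module>
  </authentication>
</application-policy>
```

The IDP web application then references this domain via `<security-domain>idp</security-domain>` in its jboss-web.xml, and the same `users`/`user_roles` tables can be shared by every SP that federates through the IDP.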
I get the part about database-based authentication and authorization using PicketBase. The documentation you provided covers that well. Now for my use case, those users and roles should be available via a common IDM or identity store shared by multiple applications. Basically the IDM will store users and authorization roles for multiple organizations. We require an IDP to serve the IDM store for various SPs. Basically I am looking for code samples or documentation on this. If I just have a web application today which uses DatabaseServerLoginModule, how can I make it become the IDM? Another way to ask the same question is how to start leveraging PicketLink features if you are a PicketBase user. Ideally I would like to create an IDM and then leverage it in Federation, using IDP and SP. JBoss seems to have the perfect architecture for me. I just need some help to navigate to the right documentation.
I appreciate all the help. Thank you again.