0 Replies Latest reply on Aug 17, 2012 11:27 AM by valia981

    Configurations sample request

    valia981 Newbie

      Hi all!

      I am new to XACML, so please be patient with me, forgive my errors (giving me an hint for correcting my behavior ).

      It will be very helpful to have some clear links to how to configure a web container (in my caseJBoss AS 7.1 final)  to use XACML.

       

      When I start jboss, log informations are similar

       

      =========================================================================

       

       

        JBoss Bootstrap Environment

      ......

       

      16:23:56,052 INFO  [org.jboss.as.naming] JBAS011800: Activating Naming Subsystem

      16:23:56,089 INFO  [org.jboss.as.logging] JBAS011502: Removing bootstrap log handlers

      16:23:56,143 INFO  [org.jboss.as.webservices] JBAS015537: Activating WebServices Extension

      16:23:56,144 INFO  [org.jboss.as.security] JBAS013101: Activating Security Subsystem

      16:23:56,138 INFO  [org.jboss.as.osgi] JBAS011940: Activating OSGi Subsystem

      16:23:56,199 INFO  [org.jboss.as.security] (MSC service thread 1-2) JBAS013100: Current PicketBox version=4.0.7.Final

      16:23:56,716 INFO  [org.jboss.as.connector] (MSC service thread 1-4) JBAS010408: Starting JCA Subsystem (JBoss IronJacamar 1.0.9.Final)

      16:23:57,171 INFO  [org.jboss.as.naming] (MSC service thread 1-3) JBAS011802: Starting Naming Service

       

      .....

      so picketbox is used, but I don't find clear documentation about configuring it when used as module in JBoss AS 7.1.

      I've seen something in this area (wiki) and something in Anil's blog, but I have to admit that for a beginner those resource are really unclear.
      My question is: where do I put configurations informations? Where policy must be written?

      I've seen some xml configuration samples (here for example http://docs.jboss.org/jbosssecurity/docs/jbossxacml/html/ch04.html ) , and I can't figure out how to proceed to run the sample.

       

      If I am define a policy, in my logic this policy must be used by my appserver (jboss7.1) to authenticate. How can I tell to JBoss AS 7.1 that it must use that policy?

       

      I spent two days trying to understand how to configure JBoss AS 7.1, I can't find a solution and this is very frustrating. Maybe my start point is wrong, any advice?

      Thanks in advance

      Valentina