I am new to XACML, so please be patient with me, forgive my errors (giving me an hint for correcting my behavior ).
It will be very helpful to have some clear links to how to configure a web container (in my caseJBoss AS 7.1 final) to use XACML.
When I start jboss, log informations are similar
JBoss Bootstrap Environment
16:23:56,052 INFO [org.jboss.as.naming] JBAS011800: Activating Naming Subsystem
16:23:56,089 INFO [org.jboss.as.logging] JBAS011502: Removing bootstrap log handlers
16:23:56,143 INFO [org.jboss.as.webservices] JBAS015537: Activating WebServices Extension
16:23:56,144 INFO [org.jboss.as.security] JBAS013101: Activating Security Subsystem
16:23:56,138 INFO [org.jboss.as.osgi] JBAS011940: Activating OSGi Subsystem
16:23:56,199 INFO [org.jboss.as.security] (MSC service thread 1-2) JBAS013100: Current PicketBox version=4.0.7.Final
16:23:56,716 INFO [org.jboss.as.connector] (MSC service thread 1-4) JBAS010408: Starting JCA Subsystem (JBoss IronJacamar 1.0.9.Final)
16:23:57,171 INFO [org.jboss.as.naming] (MSC service thread 1-3) JBAS011802: Starting Naming Service
so picketbox is used, but I don't find clear documentation about configuring it when used as module in JBoss AS 7.1.
I've seen something in this area (wiki) and something in Anil's blog, but I have to admit that for a beginner those resource are really unclear.
My question is: where do I put configurations informations? Where policy must be written?
I've seen some xml configuration samples (here for example http://docs.jboss.org/jbosssecurity/docs/jbossxacml/html/ch04.html ) , and I can't figure out how to proceed to run the sample.
If I am define a policy, in my logic this policy must be used by my appserver (jboss7.1) to authenticate. How can I tell to JBoss AS 7.1 that it must use that policy?
I spent two days trying to understand how to configure JBoss AS 7.1, I can't find a solution and this is very frustrating. Maybe my start point is wrong, any advice?
Thanks in advance