    Pass SAML Token from Webapp to EJB

      I've successfully set up the sales-post examples on JBoss 7.1.1, and after some classpath fixing it worked. I call the sales-post webapp, I'm redirected to the IDP, I authenticate, and I come back to sales-post with a SAML-Assertion.


      As I understand it, in this example the SPPostFormAuthenticator passes the SAML-Assertion contained in the HTTP-POST-Request to the SAML2LoginModule using some ThreadLocal "magic". This LoginModule then creates a SimplePrincipal.


      However, I would prefer to have a SamlPrincipal, as is done in the STSIssuingLoginModule. My goal is to access the original SAML-Assertion, as it was issued by the IDP, in my application (e.g. an EJB).


      The article here explains how to set up something similar, but with the difference that the "end-user" authenticates with username/password. It seems that in this scenario the SAML assertion is passed from the web container to the EJB container.


      Any hints or ideas?