This article describes how PicketLink STS processes its configuration.
As part of the PLFED-103 feature, we introduced a pluggable configuration handler for the STS.
The PicketLink jar contains a file called "picketlink-sts-confighandlers.xml", which looks as follows:
<Handlers xmlns="urn:picketlink:identity-federation:handler:config:1.0">
  <Handler class="org.picketlink.identity.federation.core.wstrust.confighandlers.ConsoleHomeDirectoryConfigHandler">
    <Option Key="description" Value="Configuration Handler that is used to pick up settings by console"/>
  </Handler>
  <Handler class="org.picketlink.identity.federation.core.wstrust.confighandlers.ClassPathConfigHandler">
    <Option Key="description" Value="Configuration Handler that is used to pick up picketlink-sts.xml"/>
  </Handler>
</Handlers>
The STS first looks in the home directory for the settings coming from the PicketLink Console (Experimental). If that configuration is not available, it looks in the deployment, via the thread context classloader, for "picketlink-sts.xml". Failing that, it assumes a default configuration.
How Do You Write Your Own Configuration Handler?
Write a subclass of org.picketlink.identity.federation.core.wstrust.confighandlers.BaseSTSConfigHandler and override the
public STSConfiguration getConfiguration()
method. The implementation of this method is left to you: whether the configuration comes from LDAP, a database or the network is up to you.
The base class has a java.util.List of option key/value pairs injected by the STS, which your handler can use.
How Do I Introduce My Configuration Handler?
Assuming that you have written your handler, create a picketlink-sts-confighandlers.xml file in your STS WAR such that it is on the classpath and reachable by the TCCL (suggestion: put it in the WEB-INF/classes directory).
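
Because this file decides which classes supply the STS configuration, it is worth checking which handlers a deployment declares. The script below is an added example, not part of PicketLink: it parses a picketlink-sts-confighandlers.xml and reports any handler class that is neither one of the two built-in handlers listed above nor explicitly approved. The sample file, the class com.example.sts.LdapSTSConfigHandler and its "ldapUrl" option are constructed for illustration.

```python
import xml.etree.ElementTree as ET

NS = "{urn:picketlink:identity-federation:handler:config:1.0}"
PKG = "org.picketlink.identity.federation.core.wstrust.confighandlers."
# Handlers shipped in the PicketLink jar, as listed on this page.
BUILT_IN = {PKG + "ConsoleHomeDirectoryConfigHandler", PKG + "ClassPathConfigHandler"}

# Constructed sample: a WAR-level file that declares one custom handler.
# com.example.sts.LdapSTSConfigHandler and "ldapUrl" are hypothetical names.
SAMPLE = """\
<Handlers xmlns="urn:picketlink:identity-federation:handler:config:1.0">
  <Handler class="com.example.sts.LdapSTSConfigHandler">
    <Option Key="description" Value="Reads the STS configuration from LDAP"/>
    <Option Key="ldapUrl" Value="ldaps://ldap.example.com:636"/>
  </Handler>
  <Handler class="org.picketlink.identity.federation.core.wstrust.confighandlers.ClassPathConfigHandler">
    <Option Key="description" Value="Configuration Handler that is used to pick up picketlink-sts.xml"/>
  </Handler>
</Handlers>
"""

def parse_handlers(xml_text):
    """Return [(class_name, {option_key: option_value})] in document order."""
    root = ET.fromstring(xml_text)
    if root.tag != NS + "Handlers":
        raise ValueError("unexpected root element: " + root.tag)
    handlers = []
    for h in root.findall(NS + "Handler"):
        cls = (h.get("class") or "").strip()
        if not cls:
            raise ValueError("Handler element without a class attribute")
        opts = {o.get("Key"): o.get("Value") for o in h.findall(NS + "Option")}
        handlers.append((cls, opts))
    return handlers

def unexpected_handlers(xml_text, approved=frozenset()):
    """Handler classes that are neither built in nor on the approved list."""
    allowed = BUILT_IN | set(approved)
    return [cls for cls, _ in parse_handlers(xml_text) if cls not in allowed]

if __name__ == "__main__":
    for cls, opts in parse_handlers(SAMPLE):
        print(cls, opts)
    print("needs review:", unexpected_handlers(SAMPLE))
```

Run it against the copy of the file extracted from WEB-INF/classes of the WAR under review, passing the handler classes your team has approved.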