JBoss.org Community Documentation

PicketLink Reference Documentation

Version 2.5.3.Beta1


Table of Contents

1. Overview
1.1. What is PicketLink?
1.2. Where do I get started?
1.2.1. QuickStarts
1.2.2. API Documentation
1.3. Modules
1.3.1. Base module
1.3.2. Identity Management
1.3.3. Federation
1.4. License
1.5. Maven Dependencies
1.6. PicketLink Installer
1.7. Help us improve the docs!
2. Authentication
2.1. Overview
2.2. Authentication API - the Identity bean
2.3. The Authentication Process
2.3.1. A Basic Authenticator
2.3.2. Multiple Authenticator Support
2.3.3. Credentials
2.3.4. DefaultLoginCredentials
3. Identity Management - Overview
3.1. Introduction
3.1.1. Injecting the Identity Management Objects
3.1.2. Interacting with PicketLink IDM During Application Startup
3.1.3. Configuring the Default Partition
3.2. Getting Started - The 5 Minute Guide
3.3. Identity Model
3.3.1. Which Identity Model Should My Application Use?
3.4. Creating a Custom Identity Model
3.4.1. The @AttributeProperty Annotation
3.4.2. The @Unique Annotation
3.5. Creating Custom Relationships
3.6. Partition Management
3.6.1. Creating Custom Partitions
4. Identity Management - Credential Validation and Management
4.1. Authentication
4.2. Managing Credentials
4.3. Credential Handlers
4.3.1. The CredentialStore interface
4.3.2. The CredentialStorage interface
4.4. Built-in Credential Handlers
4.4.1. Username/Password-based Credential Handler
4.4.2. DIGEST-based Credential Handler
4.4.3. X509-based Credential Handler
4.4.4. Time-based One Time Password Credential Handler
4.5. Implementing a Custom CredentialHandler
5. Identity Management - Basic Identity Model
5.1. Basic Identity Model
5.1.1. Utility Class for the Basic Identity Model
5.2. Managing Users, Groups and Roles
5.2.1. Managing Users
5.2.2. Managing Groups
5.3. Managing Relationships
5.3.1. Built In Relationship Types
5.4. Realms and Tiers
6. Identity Management - Attribute Management
6.1. Overview
6.2. Formal attributes
6.3. Ad-hoc attributes
7. Identity Management - Configuration
7.1. Configuration
7.1.1. Architectural Overview
7.1.2. Default Configuration
7.1.3. Providing a Custom Configuration
7.1.4. Initializing the PartitionManager
7.1.5. Programmatic Configuration Overview
7.1.6. Providing Multiple Configurations
7.1.7. Providing Multiple Stores for a Configuration
7.1.8. Configuring Credential Handlers
7.1.9. Identity Context Configuration
7.1.10. IDM configuration from XML file
8. Identity Management - Working with JPA
8.1. JPAIdentityStoreConfiguration
8.1.1. Default Database Schema
8.1.2. Configuring an EntityManager
8.1.3. Mapping IdentityType Types
8.1.4. Mapping Partition Types
8.1.5. Mapping Relationship Types
8.1.6. Mapping Attributes for AttributedType Types
8.1.7. Mapping a CredentialStorage type
8.1.8. Configuring the Mapped Entities
8.1.9. Providing an EntityManager
9. Identity Management - Working with LDAP
9.1. Overview
9.2. Configuration
9.2.1. Connecting to the LDAP Server
9.2.2. Mapping Identity Types
9.2.3. Mapping Relationship Types
9.2.4. Mapping Type Hierarchies
9.2.5. Mapping Groups to different contexts
10. PicketLink Subsystem
10.1. Overview
10.2. Installation and Configuration
10.3. Configuring the PicketLink Dependencies for your Deployment
10.4. Domain Model
10.5. Identity Management
10.5.1. JPAIdentityStore
10.5.2. Usage Examples
10.6. Federation
10.6.1. The Federation concept (Circle of Trust)
10.6.2. Federation Domain Model
10.6.3. Usage Examples
10.6.4. Metrics and Statistics
10.7. Management Capabilities
11. Federation
11.1. Overview
11.2. SAML SSO
11.3. SAML Web Browser Profile
11.4. PicketLink SAML Specification Support
11.5. SAML v2.0
11.5.1. Which Profiles are supported?
11.5.2. Which Bindings are supported?
11.5.3. PicketLink Identity Provider (PIDP)
11.5.4. PicketLink Service Provider (PSP)
11.5.5. SAML Authenticators (Tomcat, JBossAS)
11.5.6. Digital Signatures in SAML Assertions
11.5.7. SAML2 Handlers
11.5.8. Single Logout
11.5.9. SAML2 Configuration Providers
11.5.10. Metadata Support
11.5.11. Token Registry
11.5.12. Standalone vs JBossAS Distribution
11.5.13. Standalone Web Applications (All Servlet Containers)
11.6. SAML v1.1
11.6.1. SAML v1.1
11.6.2. PicketLink SAML v1.1 Support
11.7. Trust
11.7.1. Security Token Server (STS)
11.8. Extensions
11.8.1. Extensions
11.8.2. PicketLinkAuthenticator
11.9. PicketLink API
11.9.1. Working with SAML Assertions
11.10. 3rd party integration
11.10.1. PicketLink as IDP, Salesforce as SP
11.10.2. PicketLink as SP, Salesforce as IDP
11.10.3. PicketLink as IDP, Google Apps as SP
12. PicketLink Quickstarts
12.1. Overview
12.2. Available Quickstarts
12.3. PicketLink Federation Quickstarts
12.4. Contributing
Glossary

List of Tables

3.1. Identity Management Objects
4.1. Built-in credential types
4.2. Configuration Parameters
4.3. Configuration Parameters
8.1. IdentityType Annotations
8.2. Partition Annotations
8.3. Relationship Annotations
8.4. Partition Annotations
8.5. Partition Annotations
9.1. LDAP Connection Configuration Options

List of Examples

8.1. Example
8.2. Example
8.3. Example
8.4. Example
8.5. Example
8.6. Example
11.1. context.xml
11.2. context.xml
11.3. context.xml
11.4. context.xml
11.5. context.xml
11.6. WEB-INF/picketlink-handlers.xml
11.7. WEB-INF/picketlink-handlers.xml
11.8. WEB-INF/picketlink-handlers.xml
11.9. WEB-INF/picketlink-handlers.xml
11.10. WEB-INF/picketlink-handlers.xml
11.11. WEB-INF/picketlink-handlers.xml
11.12. WEB-INF/picketlink-handlers.xml
11.13. WEB-INF/picketlink-handlers.xml
11.14. web.xml
11.15. web.xml
11.16. jsp/login.jsp
11.17. jsp/error.jsp
11.18. STSWSClientTestCase.java
11.19. handlers.xml