11.6.2. Federation Domain Model
The domain model is an abstraction for all PicketLink Federation configuration, providing a single schema from which all configurations can be defined for Identity Providers or Service Providers, for example.
The example bellow shows how the domain model can used to configure an Identity Provider and a Service Provider.
<subsystem xmlns="urn:jboss:domain:picketlink:1.0"> <federation alias="federation-without-signatures"> <saml token-timeout="4000" clock-skew="0" /> <identity-provider alias="idp.war" security-domain="idp" supportsSignatures="false" url="http://localhost:8080/idp/"> <trust> <trust-domain name="localhost" /> <trust-domain name="mycompany.com2" /> <trust-domain name="mycompany.com3" /> <trust-domain name="mycompany.com4" /> </trust> <handlers> <handler class="com.mycompany.CustomHandler"> <handler-parameter name="param1" value="paramValue1"/> <handler-parameter name="param2" value="paramValue2"/> <handler-parameter name="param3" value="paramValue3"/> </handler> </handlers> </identity-provider> <service-providers> <service-provider alias="sales.war" post-binding="true" security-domain="sp" url="http://localhost:8080/sales/" supportsSignatures="false"> <handlers> <handler class="com.mycompany.CustomHandler"> <handler-parameter name="param1" value="paramValue1"/> <handler-parameter name="param2" value="paramValue2"/> <handler-parameter name="param3" value="paramValue3"/> </handler> </handlers> </service-provider> <service-provider alias="employee.war" post-binding="true" security-domain="sp" url="http://localhost:8080/employee/" supportsSignatures="false" /> </service-providers> </federation> </subsystem>
Note
If you are looking for more examples about how to use the domain model, take a look at https://github.com/picketlink/picketlink-as-subsystem/blob/master/src/test/resources/picketlink-subsystem.xml.