Product SiteDocumentation Site

Chapter 11. PicketLink Subsystem

11.1. Overview
11.2. Installation and Configuration
11.3. Configuring the PicketLink Dependencies for your Deployment
11.4. Domain Model
11.5. Identity Management
11.5.1. JPAIdentityStore
11.5.2. Usage Examples
11.6. Federation
11.6.1. The Federation concept (Circle of Trust)
11.6.2. Federation Domain Model
11.6.3. Usage Examples
11.6.4. Metrics and Statistics
11.7. Management Capabilities

11.1. Overview

The PicketLink Subsystem extends JBoss Application Server to introduce some new capabilities, providing a infrastructure to deploy and manage PicketLink deployments and services. Currently, only JBoss Enterprise Application Platform 6.1 is supported.
In a nutshell, the most important capabilities are:
  • A rich domain model supporting the configuration of PicketLink Federation (specially SAML-based applications) deployments and Identity Management services.
  • Minimal configuration for deployments. Part of the configuration is done automatically with some hooks for customizations.
  • Minimal dependencies for deployments. All PicketLink dependencies are automatically set from modules.
  • Configuration management using JBoss Application Server Management API. It can be managed in different ways: HTTP/JSON, CLI, Native DMR, etc.
  • Identity Management Services are exposed in JNDI and are fully integrated with CDI. You can use PicketLink Identity Management without requiring the base module dependencies.
  • Applications don't need to change when moving between different environments such as development, testing, staging or production. All the configuration is defined outside the application.
  • Users need to learn a single and consolidated schema.

Important

The subsystem is not available yet in JBoss Enterprise Application Platform 6. While it is not updated with the PicketLink modules and subsystem you must follow the instructions on the next sections to get it up and running.
Report a bug