Suppose you have the following needs:
a) Need to have XACMLv2 evaluation of access control requests.
b) Do not want to implement either the XACML PDP (Policy Decision Points) or PEP (Policy Enforcement Points).
c) Use SAMLv2 payload to transport the XACMLv2 request and response.
d) Use SOAP 1.1 messages to carry the SAMLv2 payload (which internally carries the XACMLv2 request/response messages).
As described in SAMLv2/XACMLv2 integration, there is a servlet provided as part of the JBossIdentity stack.
All you need to do is create the XACML policies, package them as part of a web application, and configure the SOAPSAMLXACMLServlet in web.xml as described in the wiki article.
You get out-of-the-box functionality without needing to write a PDP or PEP. The servlet acts as the PEP/PDP combo.
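The layering in (c) and (d), as an added example that is not part of the original post or the JBoss Identity code: a client-side sketch that builds the SOAP 1.1 envelope around a SAML-profile `XACMLAuthzDecisionQuery` carrying an XACML 2.0 request, and reads the decision back so that anything other than a single `Permit` is treated as a deny. Namespace URIs follow the OASIS specifications; the subject, resource and action values and the sample reply are constructed, and SAML signature and issuer checks are assumed to happen elsewhere.

```python
import xml.etree.ElementTree as ET
from datetime import datetime, timezone
from uuid import uuid4

SOAP = "http://schemas.xmlsoap.org/soap/envelope/"               # SOAP 1.1 envelope
XSAMLP = "urn:oasis:names:tc:xacml:2.0:saml:protocol:schema:os"  # SAML profile of XACML 2.0
XCTX = "urn:oasis:names:tc:xacml:2.0:context:schema:os"          # XACML 2.0 request/response
STRING = "http://www.w3.org/2001/XMLSchema#string"
ATTR_IDS = {  # standard XACML attribute identifiers
    "Subject": "urn:oasis:names:tc:xacml:1.0:subject:subject-id",
    "Resource": "urn:oasis:names:tc:xacml:1.0:resource:resource-id",
    "Action": "urn:oasis:names:tc:xacml:1.0:action:action-id",
}

def build_query(subject, resource, action):
    """SOAP Body -> XACMLAuthzDecisionQuery (SAML layer) -> XACML Request."""
    env = ET.Element(f"{{{SOAP}}}Envelope")
    body = ET.SubElement(env, f"{{{SOAP}}}Body")
    now = datetime.now(timezone.utc).strftime("%Y-%m-%dT%H:%M:%SZ")
    query = ET.SubElement(body, f"{{{XSAMLP}}}XACMLAuthzDecisionQuery",
                          {"ID": "_" + uuid4().hex, "Version": "2.0", "IssueInstant": now})
    request = ET.SubElement(query, f"{{{XCTX}}}Request")
    for category, value in (("Subject", subject), ("Resource", resource), ("Action", action)):
        attr = ET.SubElement(ET.SubElement(request, f"{{{XCTX}}}{category}"),
                             f"{{{XCTX}}}Attribute",
                             {"AttributeId": ATTR_IDS[category], "DataType": STRING})
        ET.SubElement(attr, f"{{{XCTX}}}AttributeValue").text = value
    ET.SubElement(request, f"{{{XCTX}}}Environment")  # required by the schema, may be empty
    return ET.tostring(env, encoding="unicode")

def is_permitted(soap_reply):
    """True only for exactly one XACML Decision equal to Permit; everything else is a deny."""
    try:
        body = ET.fromstring(soap_reply).find(f"{{{SOAP}}}Body")
    except ET.ParseError:
        return False
    decisions = [] if body is None else list(body.iter(f"{{{XCTX}}}Decision"))
    return len(decisions) == 1 and (decisions[0].text or "").strip() == "Permit"

# Constructed reply: SOAP Body -> SAML Response -> Assertion -> Statement -> XACML Response.
SAMPLE_REPLY = (
    f'<e:Envelope xmlns:e="{SOAP}" xmlns:p="urn:oasis:names:tc:SAML:2.0:protocol" '
    f'xmlns:a="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:x="{XCTX}"><e:Body>'
    "<p:Response><a:Assertion><a:Statement><x:Response><x:Result>"
    "<x:Decision>Permit</x:Decision></x:Result></x:Response>"
    "</a:Statement></a:Assertion></p:Response></e:Body></e:Envelope>")

if __name__ == "__main__":
    print(build_query("alice", "https://example.test/reports", "read"))
    print(is_permitted(SAMPLE_REPLY))
```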
This blog is a personal book on Security/ IDM related thoughts/opinions. The blog posts are a personal opinion only and neither reflect the views of current/past employers nor any OTHER person living/dead on this planet.
Tuesday, June 23, 2009
Jazoon09: Secure Middleware with JBossAS5.x
I have had the privilege of presenting at Jazoon 2009 in Zurich. My presentation ended a couple of hours ago.
My presentation slides are here.
Please refer to the reference URLs in the slides to get more details.
At this moment, I am sitting in the presentation by Dimitris on "JBoss AS5 and Beyond". I am sure you can get more information from his blog.
Labels: JBAS5, JBoss5, JBossAS5, JBossSecurity, JBossTips
Wednesday, June 10, 2009
SAMLv2 Web Browser SSO With JBoss
If you are interested in checking out Web Browser SSO using SAMLv2.0 on JBoss or Tomcat, try JBoss Identity 1.0.0.alpha3 from:
JBoss Identity Project
The documentation is available from the wiki and guides.
You can also try OASIS WS-Trust v1.3 SAML Token Profile support using the JBoss Security Token Service.
We are very eager to get your feedback in the user forum.
Monday, June 1, 2009
JBoss AS 5.1 Security Features
Now that the JBoss AS 5.1 has been released to the community, it is time to talk more about the exciting new Security features available. Toward this end, I have written the following DZone Articles that will be published over the month of June.
1. Security Features of JBoss AS 5.1.0 - Part 1 - Simplified Security Domain Configuration
2. Security Features of JBoss AS 5.1.0 - Part 2 - Masking Passwords in the Configuration File
3. Security Features of JBoss AS 5.1.0 - Part 3 - XACML Authorization for EJB Applications
4. Security Features of JBoss AS 5.1.0 - Part 4 - XACML Authorization for WEB Applications
5. Security Features of JBoss AS 5.1.0 - Part 5 - Instance Based Authorization
So if you are interested in XACML or Instance Based Security with JBoss, or want to mask passwords in the XML configuration files, read these articles.
The Security Auditing feature in AS5 is also covered here:
http://server.dzone.com/articles/security-auditing-jboss
Labels: JBAS5, JBoss/Tomcat, JBoss5, JBossAS5, JBossTips