Google Site Search


Tuesday, June 23, 2009

SAML2/XACMLv2 Out of the Box

Suppose you have the following needs:
a) Need to have XACMLv2 evaluation of access control requests.
b) Do not want to implement either the XACML PDP (Policy Decision Points) or PEP (Policy Enforcement Points).
c) Use SAMLv2 payload to transport the XACMLv2 request and response.
d) Use SOAP 1.1 messages to carry the SAMLv2 payload (which internally carries the XACMLv2 request/response messages).

As described in SAMLv2/XACMLv2 integration, there is a servlet provided as part of the JBossIdentity stack.

All you need to do is create the XACML policies and package it as part of a web application and configure the SOAPSAMLXACMLServlet in the web.xml as defined in the wiki article.

You get out of the box functionality without a need to write PDP or PEP. The servlet acts as the PEP/PDP combo.

Jazoon09: Secure Middleware with JBossAS5.x

I have had the privilege of presenting at Jazoon 2009 in Zurich. My presentation ended a couple of hours ago.

My presentation slides are here.

Please refer to the reference urls in the slides to get more details.

At this moment, I am sitting in the presentation by Dimitris on "JBoss AS5 and Beyond". I am sure you can get more information from his blog.

Wednesday, June 10, 2009

SAMLv2 Web Browser SSO With JBoss

If you are interested in a checking out Web Browser SSO using SAMLv2.0 on JBoss or Tomcat, try JBoss Identity 1.0.0.alpha3 from:
JBoss Identity Project

The documentation is available from the wiki and guides.

You can also try Oasis WS-Trust v1.3 SAML Token Profile support using the JBoss Security Token Service.

We are very eager to get your feedback in the user forum.

Monday, June 1, 2009

JBoss AS 5.1 Security Features

Now that the JBoss AS 5.1 has been released to the community, it is time to talk more about the exciting new Security features available. Toward this end, I have written the following DZone Articles that will be published over the month of June.

1. Security Features of JBoss AS 5.1.0 - Part 1 - Simplified Security Domain Configuration
2. Security Features of JBoss AS 5.1.0 - Part 2 - Masking Passwords in the Configuration File
3. Security Features of JBoss AS 5.1.0 - Part 3 - XACML Authorization for EJB Applications
4. Security Features of JBoss AS 5.1.0 - Part 4 - XACML Authorization for WEB Applications
5. Security Features of JBoss AS 5.1.0 - Part 5 - Instance Based Authorization

So if you are interested in XACML, Instance Based Security with JBoss or want to mask passwords in the xml configuration files, read these articles.

Also Security Auditing Feature in AS5 is: