Enforcing Authentication and Authorization on a JAX-WS web service using Picketlink

by Kenny Peeples (Red Hat)

Introduction

The following article describes how to enforce authentication with SAML and authorization with XACML on a JAX-WS Web Service on JBoss Enterprise Application Platform with Picketlink. I combined several articles listed in the References section to make this one demonstration. The source code is on github.

Products
JBoss Enterprise Application Platform 5.2.0
Picketlink 2.0.1
JDK 1.7
JBoss Developer Studio 6

Note: Future updates will the latest versions of EAP/Picketlink/Fuse and moving the projects to maven.

Server Project
Contains the Web Service to take the assertion out of the wsse, validate it, verify authorization and process the request. The files contained in the project are the SAML2ServerHandler.java, WSTest.java, WSTestBean.java, jboss.xml, jbossxacml-config.xml,standard-jaxws-endpoint-config.xml,xacml-policy.xml,sts-config.properties,sts-roles.properties,sts-security-domain-jboss-beans.xml,sts-users.properties. All the XML is displayed to the console.

Continue reading “Enforcing Authentication and Authorization on a JAX-WS web service using Picketlink”