[security-dev] How to use PicketLink IDM with custom account type configured on AS/EAP?

Pedro Igor Silva psilva at redhat.com
Thu Nov 14 07:29:56 EST 2013

Hi Karel,

   Sorry for the late reply. I think you can proceed with the way you described.

   If you put your classes inside a module in AS/EAP, you can use the attribute "module" of the identity store element to specify the module from which classes should be loaded from. This can be useful to consider the module's classloader when loading these classes:

       <ldap-store module="org.karel.types" .../>

   Then, to configure your custom credential handler you need to:

       <lda-store ...>
          <credential-handler class="org.karel.credential.CustomCredentialHandler"/>

   Please, take a look at the following file for examples how to use our domain model:


Pedro Igor   

----- Original Message -----
From: "Karel Piwko" <kpiwko at redhat.com>
To: security-dev at lists.jboss.org
Sent: Wednesday, November 6, 2013 11:55:55 AM
Subject: [security-dev] How to use PicketLink IDM with custom account type configured on AS/EAP?

Hi All,

I'm looking for recommended setup for $subject. My use case is:

* LDAP server contains data mapped to class Developer that extends
* I want to configure PL IDM on AS/EAP level - in standalone.xml
* I want to be to map Developer from RESTEasy from JSON POST request

So far, I'm thinking of:

* Creating an jar/sar, that will contain classes I need to map deployed to
=> Would PL submodule see these entities? Or do I need to make it a submodule?
* Map JSON to Developer POJO - using different Developer the
=> Is there a way how to reuse Developer POJO from classes in sar?
* Create a custom CredentialsHandler 

I'm wondering whether such approach is correct or I should use something

Many thanks,

security-dev mailing list
security-dev at lists.jboss.org

More information about the security-dev mailing list