[Design of JBoss Identity] - Re: SAML Assertions (JBossESB) - jboss-dev-forums

Wednesday, 5 November 2008

Anil

The Integration point for a JBoss ESB Service could be an action class or Spring Listener
class.  This class could be the Policy Enforcement Point (PEP) for either authentication
or authorization. The PEP would then call out to some mechanism, pluggable of course, to
perform the analysis.

...
>For authentication the PEP would need the SAML Assertion or some
other identity token 
...
>For authorization using XACML the PEP needs the Subject (role),
Resource and Action (optional Environment) 
The SAML Assertion (or other identification token) can be placed in the message header for
both the ESB and web Service.   Meta-data for authorization could be placed there too. 

I am looking into some open source identity managers and service providers. 

View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4187127#...

Reply to the post :
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

[Design of JBoss Identity] - Re: SAML Assertions (JBossESB)