Bhargav:
SAML functionality can be provided though a JAAS Login Module - in the case of SAML this module is provided by the PicketLink project implementation. I.e. I can configure a containers security poricipal authentication policy to use a SAML provider but this should be totally transparent to JBPM. A better question to ask is if JBPM fully utilises the configured authentication application policy of the underlying container.