[jboss-as7-dev] security metadata
Anil Saldhana
Anil.Saldhana at redhat.com
Fri Sep 23 12:24:45 EDT 2011
On 09/23/2011 09:02 AM, Bill Burke wrote:
> I want to talk about where app-developers want to store security metadata,
> how, and what the format is.
>
> I've already discussed a bit of the types of information that need to
> be stored:
>
> - username/password
> - keypairs
> - JPG images
> - TOTP keys
> - nonces
> - Tokens
These will be attributes pertaining to a user and generated for a
user? So basically, we are looking at a simple identity store that has
Identity/Attributes mapping. Look at PicketLink IDM.
http://anonsvn.jboss.org/repos/picketlink/idm/
> Where do people store this information?
>
> - 3rd Party IDP
> - 3rd party directory services (LDAP, ActiveDirectory)
> - config files within an app-deployment (WAR, EAR)
> - config files outside an app-deployment
> - a database
>
In real life, they typically store in an LDAP for fast read access.
> What does the metadata look like?
>
> - JBoss defined schemas
> - Externally defined schemas (SAML, XACML, custom)
>
> How do they manage this metadata? Do our larger customers want to use
> non-JBoss identity management solutions? Would they use something we
> provided?
Currently mainly SAML and WS-Trust. They will use the PicketLink
Federation with SAML and WS-Trust capabilities, with custom adapters.