[security-dev] How to use PicketLink IDM with custom account type configured on AS/EAP?

Pedro Igor Silva psilva at redhat.com
Thu Nov 14 07:29:56 EST 2013 

Hi Karel,

   Sorry for the late reply. I think you can proceed with the way you described.

   If you put your classes inside a module in AS/EAP, you can use the attribute "module" of the identity store element to specify the module from which classes should be loaded from. This can be useful to consider the module's classloader when loading these classes:

       <ldap-store module="org.karel.types" .../>

   Then, to configure your custom credential handler you need to:

       <lda-store ...>
        <credential-handlers>
          <credential-handler class="org.karel.credential.CustomCredentialHandler"/>
        </credential-handlers>
       </lda-store>

   Please, take a look at the following file for examples how to use our domain model:

       https://github.com/picketlink/picketlink-as-subsystem/blob/master/src/test/resources/picketlink-subsystem.xml#L127

Regards.
Pedro Igor   

----- Original Message -----
From: "Karel Piwko" <kpiwko at redhat.com>
To: security-dev at lists.jboss.org
Sent: Wednesday, November 6, 2013 11:55:55 AM
Subject: [security-dev] How to use PicketLink IDM with custom account type configured on AS/EAP?

Hi All,

I'm looking for recommended setup for $subject. My use case is:

* LDAP server contains data mapped to class Developer that extends
  org.picketlink.idm.model.basic.User
* I want to configure PL IDM on AS/EAP level - in standalone.xml
* I want to be to map Developer from RESTEasy from JSON POST request

So far, I'm thinking of:

* Creating an jar/sar, that will contain classes I need to map deployed to
  AS/EAP
=> Would PL submodule see these entities? Or do I need to make it a submodule?
* Map JSON to Developer POJO - using different Developer the
=> Is there a way how to reuse Developer POJO from classes in sar?
* Create a custom CredentialsHandler 

I'm wondering whether such approach is correct or I should use something
different.

Many thanks,

Karel
_______________________________________________
security-dev mailing list
security-dev at lists.jboss.org
https://lists.jboss.org/mailman/listinfo/security-dev

More information about the security-dev mailing list