[security-dev] How to use PicketLink IDM with custom account type configured on AS/EAP?

Karel Piwko kpiwko at redhat.com
Tue Nov 19 09:38:23 EST 2013


Thanks Pedro,

the setup is working just fine!

Karel

On Thu, 14 Nov 2013 07:29:56 -0500 (EST)
Pedro Igor Silva <psilva at redhat.com> wrote:

> Hi Karel,
> 
>    Sorry for the late reply. I think you can proceed with the way you
> described.
> 
>    If you put your classes inside a module in AS/EAP, you can use the
> attribute "module" of the identity store element to specify the module from
> which classes should be loaded. This can be useful to consider the
> module's classloader when loading these classes:
> 
>        <ldap-store module="org.karel.types" .../>
> 
>    Then, to configure your custom credential handler you need to:
> 
>        <ldap-store ...>
>          <credential-handlers>
>            <credential-handler class="org.karel.credential.CustomCredentialHandler"/>
>          </credential-handlers>
>        </ldap-store>
> 
>    Please take a look at the following file for examples of how to use our
> domain model:
> 
>        https://github.com/picketlink/picketlink-as-subsystem/blob/master/src/test/resources/picketlink-subsystem.xml#L127
> 
> Regards.
> Pedro Igor   
> 
> ----- Original Message -----
> From: "Karel Piwko" <kpiwko at redhat.com>
> To: security-dev at lists.jboss.org
> Sent: Wednesday, November 6, 2013 11:55:55 AM
> Subject: [security-dev] How to use PicketLink IDM with custom account type
> configured on AS/EAP?
> 
> Hi All,
> 
> I'm looking for a recommended setup for $subject. My use case is:
> 
> * LDAP server contains data mapped to class Developer that extends
>   org.picketlink.idm.model.basic.User
> * I want to configure PL IDM on AS/EAP level - in standalone.xml
> * I want to be able to map Developer from RESTEasy from JSON POST request
> 
> So far, I'm thinking of:
> 
> * Creating a jar/sar, that will contain classes I need to map deployed to
>   AS/EAP
> => Would PL submodule see these entities? Or do I need to make it a submodule?
> * Map JSON to Developer POJO - using different Developer the
> => Is there a way to reuse Developer POJO from classes in sar?
> * Create a custom CredentialsHandler 
> 
> I'm wondering whether such an approach is correct or I should use something
> different.
> 
> Many thanks,
> 
> Karel
> _______________________________________________
> security-dev mailing list
> security-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/security-dev


