[Jboss-dev-forums] [Design of Security on JBoss] - Re: Generalizing the JACC service

[piratepete <nu...@jb...>]

Scott:

I've been looking at this for personal reasons (lol, trying to convince Ivelin to hire me) but I wrote an article for TSS on SAML and my desire is to create a SAML server and complete administration app for JBoss.

I like that SAML could be used to communicate these "identity" things, but my thoughts are to use e.g. HSQL to house the identity data, provide an administration thereof, and use SAML with JAAS to do multi-domain authenticates and authorization for businesses.

I have been thinking of using combination JAAS with a SAML identity service but if extending JAAS across contexts is possible, that would be better.  In any event, "descripted" security for multi-domain identity management would be sweet.  It's possible I think.

I recently took a job to lead a large project using BEA WebLogic servers but I would like solve this one (extended JAAS, SAML, etc. multi-domain identity management) using JBoss using only J2EE (complete non-proprietary).  I'll keep posting here, since Ivelin pointed me in the right direction.  My article on TSS is here http://www.theserverside.com/articles/article.tss?l=SAML  Take a look, it's somewhat mousetrap but I understand what the problem is, I just haven't found the exact solution yet.

piratepete aka (David Whitehurst)

View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3890635#3890635

Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3890635