Cheatsheet: PicketLink and JBoss AS

The latest version of PicketLink can be downloaded from http://www.jboss.org/picketlink/downloads

JBoss Application Server v7.1.1

PicketLink v2.0.2.Final is included in the server.

The zipped package of all the web applications is available from https://repository.jboss.org/nexus/content/groups/public/org/picketlink/picketlink-fed-webapps-as7-assembly/2.0.2.Final/picketlink-fed-webapps-as7-assembly-2.0.2.Final.zip

 

JBoss Application Server v7.1.0

PicketLink v2.0.1.final is included in the server. If you want to bump it to the latest version, download the latest PicketLink version from http://www.jboss.org/picketlink/downloads and then replace the jars in the PicketLink module in JBoss AS 7.1.0.

You may want to get the latest zip file of the web apps at https://repository.jboss.org/nexus/content/groups/public/org/picketlink/picketlink-fed-webapps-as7-assembly/2.0.2.Final/picketlink-fed-webapps-as7-assembly-2.0.2.Final.zip

 

JBoss Application Server v7.0

http://community.jboss.org/wiki/SAMLWebBrowserSSOOnJBossAS70

 

Important Note about JBoss AS 7.x

JBoss AS 7.x has a new architecture compared to older versions of JBoss AS such as 6.x.

 

Jar Files:

Server integration jars typically live in the modules directory. The PicketLink jars that ship with JBoss AS 7.x are therefore stored under modules/org/picketlink/main

The .jandex files are typically generated during the AS7 build process. If you are replacing the jars in this directory with a newer version of PicketLink, just ignore the .jandex files.

 

War Files:

AS7.x does not ship with any default web applications, so you will need to download the PicketLink war files. The PicketLink web applications behave much as they did on AS6.x.

JBoss Application Server v6.0 or v5.x

Step 1: Download JBoss Application Server v5.1.0 or v6.0 (Choose the zip file)

 

Step 2: Unzip the jboss-5.1.0.GA.zip in your home directory.

 

Step 3: Download picketlink-2.0.0.final.zip (Full Distribution) from http://jboss.org/picketlink/downloads.html

 

Step 4: Unzip the picketlink-2.0.0.final.zip in the $HOME/jboss-5.1.0.GA/server/default/deploy directory

 

After unzipping, you should have a picketlink directory in the deploy directory.

/jboss-6.0.0.Final/server/default/deploy/picketlink$ ls
claims.war             idp.war                                    picketlink-fed-2.0.0.final.jar  sales-post.war
employee-post-sig.war  openid4java-nodeps-0.9.5.jar               picketlink-sp-jboss-beans.xml   sales-saml11.war
employee-post.war      pdp.war                                    picketlink-sts-jboss-beans.xml  sales.war
employee.war           picketlink-bindings-2.0.0.final.jar        picketlink-sts.war
idp-sig.war            picketlink-bindings-jboss-2.0.0.final.jar  sales-post-sig.war

 

Step 5: Start JBoss AS 5.1/6.0 from the bin directory.

 

Step 6: Open a browser and go to: http://localhost:8080/sales/

 

Step 7: When redirected to login, enter: username: tomcat, password: tomcat

 

Step 8: You should see the sales page.

 

Step 9: Open a new tab in the browser and go to: http://localhost:8080/employee/

 

You should see the employee page.

 

Step 10: Click the logout link; this should perform a global logout.

Step 11: Doing a refresh should take you to the IDP login page.

 

The above steps are for testing the SAML HTTP/Redirect Binding.

If you are interested in seeing the SAML HTTP/POST Binding, use these URLs:

Step 12:  sales:   http://localhost:8080/sales-post/

Step 13: employee:  http://localhost:8080/employee-post/

NOTE:

  • If you passed anything other than localhost to -b (i.e. you intend to use this on anything BUT localhost), you need to edit every xml file in WEB-INF and change localhost to the value of -b (or whatever host you are going to enter in the browser).
  • Do not forget to configure a security domain named "idp"; it can be a copy of "other" or anything you want.
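
The first note above, as an added example that is not part of the original cheatsheet or of PicketLink: two shell functions that list the WEB-INF xml files still pointing at localhost and rewrite them to the -b host, keeping a backup of each file. The function names are hypothetical, and the script assumes the web applications are exploded directories (for example sales.war/WEB-INF/...) rather than zipped archives.

```shell
#!/bin/sh
# Added example (not PicketLink code). Assumption: *.war entries under the
# deploy directory are exploded directories, so WEB-INF/*.xml is editable in place.

# Print every xml file under a WEB-INF directory below $1 that mentions localhost.
list_localhost_refs() {
    find "$1" -type f -path '*/WEB-INF/*.xml' \
        -exec grep -l 'localhost' {} + 2>/dev/null | sort
}

# Replace localhost with host $2 in those files, keeping each original as <file>.orig.
rewrite_bind_host() {
    deploy_dir=$1
    new_host=$2
    # Accept only host names / IPv4 addresses, so the value cannot alter
    # the sed expression or break the XML it is written into.
    case $new_host in
        ''|*[!A-Za-z0-9.-]*)
            echo "invalid host: $new_host" >&2
            return 1
            ;;
    esac
    list_localhost_refs "$deploy_dir" | while IFS= read -r f; do
        cp -p "$f" "$f.orig"
        sed "s/localhost/$new_host/g" "$f.orig" > "$f"
        echo "updated $f"
    done
}

# Usage (paths and host are placeholders for your own values):
#   rewrite_bind_host "$HOME/jboss-5.1.0.GA/server/default/deploy/picketlink" 192.0.2.10
#   list_localhost_refs "$HOME/jboss-5.1.0.GA/server/default/deploy/picketlink"   # should print nothing
```

Run list_localhost_refs again after the rewrite; any file it still prints needs manual editing before testing from a remote browser.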