PicketBox Overview

    What is PicketBox?

    PicketBox (formerly JBoss Security) is a security framework for Java Applications.


    The features available are:

    1. Authentication
    2. Authorization/Access Control
    3. Auditing
    4. Mapping (Principal/Roles/Attribute)


    The advantage is a simple framework with a single configuration file to handle.


    Project Page is http://jboss.org/picketbox.


    Environment Needed

    PicketBox should run in a regular J2SE (Java JRE) environment. Of course, some dependencies are needed.


    Download Releases

    • 3.0.0.Beta3 is released on March 7, 2010.



    1. Pick the zip from PicketBox Downloads
    2. If you are in a non-JBoss Application Server environment, you need the jboss-logging-spi.jar. Download it from here.


    Relationship between PicketBox and PicketLink

    • PicketBox is the foundational security framework that provides the authentication, authorization, audit and mapping capabilities to Java applications.
    • PicketLink (formerly, JBoss Identity) builds on PicketBox foundation and provides an identity model, federated identity support (SAML, WS-Trust, OpenID), Authz(access control developer api), Negotiation (SPNego/Kerberos based desktop SSO).


    Latest Information