Update to latest picketlink version

README.md

@@ -18,17 +18,86 @@ For each target server there is a directory with specific configuration files. T
 + saml/idp/conf/jboss-as7: JBoss AS7 specific configuration files.
 + saml/idp/conf/tomcat-6 : Apache Tomcat 6 configuration files.
 
-To build the examples execute the following command:
+## Jboss Configuration ##
+### AS 7 ###
 
-*mvn -Dbinding=jboss -Dbinding-version=as7 clean install* (package and deploy to JBoss AS7)
+On $JBOSS_HOME/standalone/configuration/standalone.xml add the security domains below
+```
+<security-domain name="idp" cache-type="default">
+   <authentication>
+       <login-module code="UsersRoles" flag="required">
+            <module-option name="usersProperties" value="users.properties" />
+            <module-option name="rolesProperties" value="roles.properties" />
+       </login-module>
+   </authentication>
+</security-domain>      
 
-or
+<security-domain name="picketlink-sts" cache-type="default">
+   <authentication>
+        <login-module code="UsersRoles" flag="required">
+            <module-option name="usersProperties" value="users.properties" />
+            <module-option name="rolesProperties" value="roles.properties" />
+        </login-module>
+    </authentication>
+</security-domain>
+
+<security-domain name="sp" cache-type="default">
+     <authentication>
+         <login-module code="org.picketlink.identity.federation.bindings.jboss.auth.SAML2LoginModule" flag="required"/>
+     </authentication>
+</security-domain>
+```
 
-*mvn -Dbinding=jboss -Dbinding-version=as5 clean install* (package and deploy to JBoss AS5)
+### AS 5 ###
+Copy assembly/jboss-as5/picketlink-* in $JBOSS_HOME/server/server-name/deploy
 
 or
 
-*mvn -Dbinding=tomcat -Dbinding-version=6 clean install* (package and deploy to Apache Tomcat 6)
+On $JBOSS_HOME/server/default/conf/login-config.xml add the security domains below
+```
+<application-policy name="idp">
+	<authentication>
+	  <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule" flag="required">
+	    <module-option name="usersProperties" value="users.properties" />
+	    <module-option name="rolesProperties" value="roles.properties" />
+	  </login-module>
+	</authentication>
+</application-policy>
+
+
+<application-policy name="picketlink-sts">
+	<authentication>
+	  <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule" flag="required">
+	    <module-option name="usersProperties" value="users.properties" />
+	    <module-option name="rolesProperties" value="roles.properties" />
+	  </login-module>
+	</authentication>
+</application-policy>
+
+
+<application-policy name="sp">
+	<authentication>
+	  <login-module code="org.picketlink.identity.federation.bindings.jboss.auth.SAML2LoginModule" flag="required" />
+	</authentication>
+</application-policy>
+```
+
+## Building Project ##
+
+Package and deploy to JBoss AS7
+```
+mvn -Dbinding=jboss -Dbinding-version=as7 clean install
+```
+
+Package and deploy to JBoss AS5
+```
+mvn -Dbinding=jboss -Dbinding-version=as5 clean install
+```
+
+Package and deploy to Apache Tomcat 6
+```
+mvn -Dbinding=tomcat -Dbinding-version=6 clean install
+```
 
 Where *binding* refers to the server where package will be deployed and *binding-version* its version.
 

parent/pom.xml

@@ -23,7 +23,7 @@
 
 	<name>PicketLink Federation: Quickstarts Parent</name>
 	<description>This project provides some examples about using PicketLink Federation.</description>
-	
+
 	<packaging>pom</packaging>
 
 	<url>
@@ -72,23 +72,42 @@
 		<maven.compiler.target>1.6</maven.compiler.target>
 
 		<!-- PicketLink version supported -->
-		<version.picketlink>2.1.10-SNAPSHOT</version.picketlink>
+		<picketlink.version>2.6.0.Beta3</picketlink.version>
 
 		<version.junit>4.8.2</version.junit>
 
 		<!-- Indicate the defaut server/binding version to package the applications -->
 		<binding>jboss</binding>
-		<binding-version>as7</binding-version>
-
+		<binding-version>as5</binding-version>
 	</properties>
 
 	<dependencyManagement>
 		<dependencies>
+			<dependency>
+				<groupId>org.picketlink</groupId>
+				<artifactId>picketlink-api</artifactId>
+				<scope>compile</scope>
+				<version>${picketlink.version}</version>
+			</dependency>
+
+			<dependency>
+				<groupId>org.picketlink</groupId>
+				<artifactId>picketlink-impl</artifactId>
+				<scope>runtime</scope>
+				<version>${picketlink.version}</version>
+			</dependency>
+
 			<dependency>
 				<groupId>org.picketlink</groupId>
 				<artifactId>picketlink-core</artifactId>
-				<version>${version.picketlink}</version>
+				<version>2.1.10.Final</version>
 				<scope>provided</scope>
+				<exclusions>
+					<exclusion>
+						<groupId>org.jboss.security</groupId>
+						<artifactId>jbossxacml</artifactId>
+					</exclusion>
+				</exclusions>
 			</dependency>
 
 			<!-- Test dependencies -->
@@ -106,6 +125,17 @@
 			<groupId>org.picketlink</groupId>
 			<artifactId>picketlink-core</artifactId>
 		</dependency>
+
+		<dependency>
+			<groupId>org.picketlink</groupId>
+			<artifactId>picketlink-api</artifactId>
+		</dependency>
+
+		<dependency>
+			<groupId>org.picketlink</groupId>
+			<artifactId>picketlink-impl</artifactId>
+		</dependency>
+
 		<dependency>
 			<groupId>junit</groupId>
 			<artifactId>junit</artifactId>
@@ -152,7 +182,7 @@
 			</plugin>
 		</plugins>
 	</build>
-	
+
 	<distributionManagement>
 		<repository>
 			<id>jboss-releases-repository</id>

saml/employee/conf/jboss-as5/WEB-INF/context.xml

@@ -1,4 +1,3 @@
 <Context>
-  <Valve className="org.picketlink.identity.federation.bindings.tomcat.sp.ServiceProviderAuthenticator"
-  />
+  <Valve className="org.picketlink.identity.federation.bindings.tomcat.sp.ServiceProviderAuthenticator"/>
 </Context>

saml/employee/src/main/webapp/WEB-INF/picketlink.xml

@@ -6,15 +6,10 @@
 		</ServiceURL>
 	</PicketLinkSP>
 	<Handlers xmlns="urn:picketlink:identity-federation:handler:config:2.1">
-		<Handler
-			class="org.picketlink.identity.federation.web.handlers.saml2.SAML2LogOutHandler" />
-		<Handler
-			class="org.picketlink.identity.federation.web.handlers.saml2.SAML2AuthenticationHandler">
-
+		<Handler class="org.picketlink.identity.federation.web.handlers.saml2.SAML2LogOutHandler" />
+		<Handler class="org.picketlink.identity.federation.web.handlers.saml2.SAML2AuthenticationHandler">
 			<Option Key="ASSERTION_SESSION_ATTRIBUTE_NAME" Value="org.picketlink.sp.assertion"/>
-
 		</Handler>
-		<Handler
-			class="org.picketlink.identity.federation.web.handlers.saml2.RolesGenerationHandler" />
+		<Handler class="org.picketlink.identity.federation.web.handlers.saml2.RolesGenerationHandler" />
 	</Handlers>
 </PicketLink>

saml/employee/src/main/webapp/WEB-INF/web.xml

@@ -3,9 +3,7 @@
 	xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
 	version="2.5">
 	<display-name>PicketLink Employee Application</display-name>
-	<description>
-		Just a Test SP
-	</description>
+	<description> Just a Test SP </description>
 
 	<!-- Define a Security Constraint on this Application -->
 	<security-constraint>

saml/idp/conf/jboss-as5/WEB-INF/context.xml

@@ -1,6 +1,4 @@
 <Context>
-	<Valve
-		className="org.picketlink.identity.federation.bindings.tomcat.idp.IDPSAMLDebugValve" />
-	<Valve
-		className="org.picketlink.identity.federation.bindings.tomcat.idp.IDPWebBrowserSSOValve" />
+	<Valve className="org.picketlink.identity.federation.bindings.tomcat.idp.IDPSAMLDebugValve" />
+	<Valve className="org.picketlink.identity.federation.bindings.tomcat.idp.IDPWebBrowserSSOValve" />
 </Context>

saml/idp/src/main/webapp/WEB-INF/picketlink.xml

@@ -6,14 +6,10 @@
 		</Trust>
 	</PicketLinkIDP>
 	<Handlers xmlns="urn:picketlink:identity-federation:handler:config:2.1">
-		<Handler
-			class="org.picketlink.identity.federation.web.handlers.saml2.SAML2IssuerTrustHandler" />
-		<Handler
-			class="org.picketlink.identity.federation.web.handlers.saml2.SAML2LogOutHandler" />
-		<Handler
-			class="org.picketlink.identity.federation.web.handlers.saml2.SAML2AuthenticationHandler" />
-		<Handler
-			class="org.picketlink.identity.federation.web.handlers.saml2.RolesGenerationHandler" />
+		<Handler class="org.picketlink.identity.federation.web.handlers.saml2.SAML2IssuerTrustHandler" />
+		<Handler class="org.picketlink.identity.federation.web.handlers.saml2.SAML2LogOutHandler" />
+		<Handler class="org.picketlink.identity.federation.web.handlers.saml2.SAML2AuthenticationHandler" />
+		<Handler class="org.picketlink.identity.federation.web.handlers.saml2.RolesGenerationHandler" />
 	</Handlers>
 	<!-- 
 		The configuration bellow defines a token timeout and a clock skew. Both configurations will be used during the SAML Assertion creation.

saml/sales-post/conf/jboss-as5/WEB-INF/context.xml

@@ -1,4 +1,3 @@
 <Context>
-  <Valve className="org.picketlink.identity.federation.bindings.tomcat.sp.ServiceProviderAuthenticator"
-  />
+  <Valve className="org.picketlink.identity.federation.bindings.tomcat.sp.ServiceProviderAuthenticator" />
 </Context>

saml/sales-post/conf/tomcat-6/META-INF/context.xml

@@ -1,4 +1,3 @@
 <Context>
-  <Valve className="org.picketlink.identity.federation.bindings.tomcat.sp.ServiceProviderAuthenticator"
-  />
+  <Valve className="org.picketlink.identity.federation.bindings.tomcat.sp.ServiceProviderAuthenticator"/>
 </Context>

saml/sales-post/src/main/webapp/WEB-INF/picketlink.xml

@@ -2,14 +2,16 @@
 	<PicketLinkSP xmlns="urn:picketlink:identity-federation:config:2.1"
 		ServerEnvironment="tomcat" BindingType="POST">
 		<IdentityURL>${idp.url::http://localhost:8080/idp/}</IdentityURL>
-		<ServiceURL>${sales-post.url::http://localhost:8080/sales-post/}</ServiceURL>
+
+		<!-- You need to put one service url for each restricted area defined on web.xml -->
+		<ServiceURL>${sales-post.url::http://localhost:8080/sales-post/jsp/employers/}</ServiceURL>
+		<ServiceURL>${sales-post.url::http://localhost:8080/sales-post/jsp/managers/}</ServiceURL>
+		<ServiceURL>${sales-post.url::http://localhost:8080/sales-post/jsp/employers/}</ServiceURL>
 	</PicketLinkSP>
+
 	<Handlers xmlns="urn:picketlink:identity-federation:handler:config:2.1">
-		<Handler
-			class="org.picketlink.identity.federation.web.handlers.saml2.SAML2LogOutHandler" />
-		<Handler
-			class="org.picketlink.identity.federation.web.handlers.saml2.SAML2AuthenticationHandler" />
-		<Handler
-			class="org.picketlink.identity.federation.web.handlers.saml2.RolesGenerationHandler" />
+		<Handler class="org.picketlink.identity.federation.web.handlers.saml2.SAML2LogOutHandler" />
+		<Handler class="org.picketlink.identity.federation.web.handlers.saml2.SAML2AuthenticationHandler" />
+		<Handler class="org.picketlink.identity.federation.web.handlers.saml2.RolesGenerationHandler" />
 	</Handlers>
 </PicketLink>

saml/sales-post/src/main/webapp/WEB-INF/web.xml

@@ -4,35 +4,55 @@
 	version="2.5">
 
 	<display-name>Fedbridge Test SALES Application</display-name>
-	<description>
-    Just a Test SP for Fedbridge Project
-  </description>
+	<description>Just a Test SP for Fedbridge Project</description>
 
-	<!-- Define a Security Constraint on this Application -->
+	<welcome-file-list>
+		<welcome-file>/jsp/index.jsp</welcome-file>
+	</welcome-file-list>
+
+	<!-- Define a security constraint that gives unlimted access -->
 	<security-constraint>
 		<web-resource-collection>
-			<web-resource-name>SALES Application</web-resource-name>
-			<url-pattern>/*</url-pattern>
+			<web-resource-name>images</web-resource-name>
+			<url-pattern>/images/*</url-pattern>
+		</web-resource-collection>
+		<web-resource-collection>
+			<web-resource-name>css</web-resource-name>
+			<url-pattern>/css/*</url-pattern>
 		</web-resource-collection>
-		<auth-constraint>
-			<role-name>manager</role-name>
-		</auth-constraint>
 	</security-constraint>
 
-	<!-- Define a security constraint that gives unlimted access to freezone -->
+	<!-- Define a Security Constraint for Managers -->
 	<security-constraint>
 		<web-resource-collection>
-			<web-resource-name>freezone</web-resource-name>
-			<url-pattern>/freezone/*</url-pattern>
+			<web-resource-name>Managers Area</web-resource-name>
+			<url-pattern>/jsp/managers/*</url-pattern>
 		</web-resource-collection>
+		<auth-constraint>
+			<role-name>manager</role-name>
+		</auth-constraint>
+	</security-constraint>
+
+	<!-- Define a Security Constraint for Employers -->
+	<security-constraint>
 		<web-resource-collection>
-			<web-resource-name>images</web-resource-name>
-			<url-pattern>/images/*</url-pattern>
+			<web-resource-name>Employers Area</web-resource-name>
+			<url-pattern>/jsp/employers/*</url-pattern>
 		</web-resource-collection>
+		<auth-constraint>
+			<role-name>employee</role-name>
+		</auth-constraint>
+	</security-constraint>
+
+	<!-- Define a Security Constraint for Sales -->
+	<security-constraint>
 		<web-resource-collection>
-			<web-resource-name>css</web-resource-name>
-			<url-pattern>/css/*</url-pattern>
+			<web-resource-name>Sales Area</web-resource-name>
+			<url-pattern>/jsp/sales/*</url-pattern>
 		</web-resource-collection>
+		<auth-constraint>
+			<role-name>sales</role-name>
+		</auth-constraint>
 	</security-constraint>
 
 	<!-- Define the Login Configuration for this Application -->
@@ -47,9 +67,13 @@
 
 	<!-- Security roles referenced by this web application -->
 	<security-role>
-		<description>
-      The role that is required to log in to the Manager Application
-    </description>
 		<role-name>manager</role-name>
 	</security-role>
+	<security-role>
+		<role-name>employee</role-name>
+	</security-role>
+	<security-role>
+		<role-name>sales</role-name>
+	</security-role>
+
 </web-app>

saml/sales-post/src/main/webapp/index.html

@@ -0,0 +1,6 @@
+<html>
+<head>
+    <title>PicketLink Example Application</title>
+    <META HTTP-EQUIV="refresh" CONTENT="0;URL=jsp/">
+</head>
+</html>